INFO: Version en.xModule type:

System settings - User

In the system settings, various general settings for login, session duration, etc. can be made for users via the 'User administration' tab.

System settings - User
System settings - User

Operation

'Password rules':

You can optionally enter values for password rules in this field. Example rules can be found below the field.
8,aA1$ in the input field means e.g:

  • Minimum number of characters - here "8,"
  • Lower case letters must be included - "a"
  • Capital letters must be included - "A"
  • Numbers must be included - "1"
  • Special characters must be included - "$"

These password guidelines apply in general, i.e. also for administrators. Current Weblics® such as user registration, login form, forgot password and change password also support this.

'Password rules for public users':

In this field you can optionally enter values for password rules that relate specifically to public users. These can, for example, be slightly weaker rules compared to maintenance users if there are no general security concerns.

'Do not allow previously used passwords to be used again':

If this parameter is activated, passwords that have already been used cannot be used again by the corresponding user. If this setting is activated, these are saved when the user's password is changed.

'Activate login lock':

If this parameter is activated, a user is blocked after the number of incorrect login attempts specified in the'Possible incorrect login attempts' field. The block remains in place for the duration set under'Time period in seconds for which an IP address is blocked'. The block is therefore based on the IP address with which a user has logged in.

'Activate session TANs':

If this parameter is activated, a user of the Administrator user type can use the user simulation. This enables them to call up the view for a care user or anonymous visitor (site visitor) via a user simulation domain entered in the project configuration.

'Possible incorrect login attempts':

In this field, you can optionally enter the number of possible incorrect login attempts. This entry only has an effect if the'Activate login blocking' field is activated.

'Time period in seconds for which an IP address is blocked':

In this field, you can optionally enter the duration in seconds for blocking logins if the number of incorrect login attempts is exceeded. This entry only has an effect if the'Activate blocking of logins' field is activated.

'Two-factor authentication for administrators':

Using this selection box, you can optionally specify the number of recent logins that will be used as the basis for requiring two-factor authentication (2FA). The 2FA is therefore only required for administrators if the client ID does not correspond to one of the last X logins.
The 2FA is set for the user.

'Two-factor authentication for editors':

You can use this selection box to optionally specify the number of recent logins that are used as the basis for requiring two-factor authentication (2FA). The 2FA is therefore only required for editors if the client ID does not correspond to one of the last X logins.
The 2FA is set for the user.

'Multi-factor TAN sent by e-mail':

You can use this selection box to specify how the TAN for two-factor authentication should be composed:

  • 4 numbers
  • 6 alphanumeric characters

'Link to request new password':

In this field, you can optionally select the path via the right selection arrow which is to be used as a link for a password request. This can be, for example, the "Forgot password" form, which can be installed as Weblic® (e.g. /en/password-forgotten/).
If a domain other than the one licensed is used for the project, it is best to enter the complete URL (e.g. https://domain.dd/de/passwort-vergessen/).
The link appears under the login form (e.g. https://domain. dd/weblication/). In addition, a "Send link to reset password" button is displayed in the user mask via the user administration, which can be used to open an e-mail that already contains a predefined text and the link.