For increased security eFront offers various password settings for managing user passwords.
As an administrator login and from the Administration dashboard, visit the System Settings. Here, move to the Security section (1) and then go to the Passwords tab (2).
Let us go through all settings on by one:
- Force Password Expiration: You may select this option if you wish that your user's password will expire after some period of time. You may select to have password expire after a month up to a year.
- Restrict the usage of passwords: In the case that you want your users' passwords to expire and you do not want your users to be able to use passwords that have used in the past, check in this setting.
- Minimum password length: You may set the required length of your users' passwords. Although a small length password is easy to remember it may be vulnerable, so consider a medium or large password length.
- Password regular expression: If you wish your users' passwords to follow a pattern, for example, a passphrase with only digits, you may describe this in a regular expression.
- Password label: You may provide a placeholder for your password fields that explains your password requirements to your users.
- Force password change upon initial login: Force your users to change their password the first time they log in. This feature not only provides increased security but is also really handy when you register users automatically, for example through the REST API or some other 3rd party integration.
- Show the 'reset password link': Select whether users will have the option to reset their password if they have forgotten it or not.