Security Features
      Back to home
      1. Knowledge Base
      2. Web App Features & Functionality
      3. Security Features

      Authentication - Passwords

      This is where you manage requirements for password edits, resets, strength and expiration.

      Password Edits & Resets

      • Days before password re-use

        Sets the number of days before the same password can be re-used. This applies to both forgotten resets, if enabled, as well as any time a user manually changes their password. A setting of 0 allows the same password to be re-used as often as the user likes.

      • Allow password edits by users

      This toggle will turn on the password resets and link expire options. If it is off, administrators must create and edit all passwords.

      The following 2 fields are dependent on this being enabled first.

      • Allow forgotten password resets

        If enabled, adds a link on the Web App login page to allow forgotten passwords to be reset. When the link is followed, the user will be able to enter their username so that a reset link can be emailed to them.

      • Number of minutes before reset link expires

        If forgotten password resets are allowed, this field sets how long the special link sent to the user by email will be usable. It is recommended that this link be kept relatively short since any user that forgets their password is likely ready to reset it as soon as the email is received. The minimum setting is 10 minutes.

      Settings below here require a subscription plan with Password Strength & Expiration Enforcement

      Password Strength

      • Require strong passwords

        If enabled, requires users to follow the following parameters when choosing a new password.
      • Minimum length

        Sets the minimum length required on any new password.
      • Require at least one uppercase

        If enabled then at least one of this type of character is required when choosing a new password.
      • Require at least one lowercase

        If enabled then at least one of this type of character is required when choosing a new password.
      • Require at least one numeral

        If enabled then at least one of this type of character is required when choosing a new password.
      • Require at least one symbol

        If enabled then at least one of this type of character is required when choosing a new password.

      Password Expiration

      • Require periodic password changes

        If enabled, requires users change their password periodically.
      • Number of days to expiration

        Sets the maximum number of days before a user must change their password.
      • Number of days to warn before expiration

        Sets the number of times a daily email will be sent to the user warning of a pending password expiration.

      New User Invites

      • Invite users to choose their first password

        If enabled, instead of the creating administrator choosing a new user's password, the user is sent an email asking them to choose their own password. This email will contain a special link to follow where they can enter their new password.
      • Body intro above invite link

        This can be used to add additional text to the invitation email, such as "Welcome to our secure FTP site".

        You can view additional New User Invite Settings here