Logging In / System Access

From Charitylog Manual
Revision as of 09:49, 9 July 2024 by Alanconway (talk | contribs) (Password Rules)

PAGE UNDER CONSTRUCTION


Security Rules

Password Rules

The Password Rules tab contains system-wide settings relating to user passwords. On this screen you will see:

  • Do not allow the reuse of previous - It is recommended that this is set so that the 10 previous passwords are denied.
  • Number of Days Before User Password Change Required - If set to zero, users will never be prompted to change their password. A typical time period is 60 days, which is around two months.
  • Minimum Password Strength

Charitylog has an in-built strength checker which can force users to create stronger passwords. It can look at commonly used words and the overall perceived strength of the chosen password. Users are then prevented from using a weak password, even though it may have met conventional rules about the number of characters used. The default option is set to Strong. We would recommend that users are coached to choose a stronger password by combining random/memorable words into a single phrase. For example, the password Purplemonkeydishwasher is much easier to remember and stronger than Pa55w0rd. In short, length is strength: the longer the password is, the more secure it is. The password should be easy for the user to remember but personal to them, so that only they would know it.

If you have contractual requirements for specific password strength rules, you can click on the chevron which reveals the below options.

  • Minimum Length of User Passwords - This specifies the minimum length that a user's password can be. We would recommend at least seven to eight characters.
  • Minimum Number of Upper Case Characters In Password - It is recommended that you include at least one uppercase character.
  • Minimum Number of Non Alpha-numeric Characters (_:!&()?-@,.+) in Password - It is recommended that you include at least one special character.
  • Maximum Number of Identical Consecutive Characters In Password - Allowing identical consecutive characters can result in a weak password. Example: aaaaaaa1
  • Allow User's System Username In Password - It is recommended to set this to "Do not Allow".
  • Allow User's Real Name In Password - It is recommended to set this to "Do not Allow".
  • Allow Organisation Name In Password - It is recommended to set this to "Do not Allow".
  • Allow Browser to Save Username and Password - It is recommended to set this to "Do not Allow".

Single Stage Login

Welcome Message

Organisation Password

External Links