A user must first exist in the database as an object in a class (type) that is configured to allow users.
A user account (regular users and admin users) has the following editable data:
- Password (encrypted)
- Email (VarChar(250))
- Expire Date – the user will automatically be removed
User passwords must be changed at the first login and every 180 days following.
User passwords are stored in the database using a secure one-way encryption method with double salt. For this reason passwords cannot be reverse engineered or recovered if forgotten.
Minimum password requirements:
- At least 6 characters in length
- Not in the list of 5,000 common passwords
- Not the last password repeated
Users may change their password in their settings tab. Alternately, you can reset a password in the user’s tab.
You can set an automatic expire date for users. During the overnight job (which usually runs between midnight and 2am) the users set to expire ill be automatically deleted.