Skip to main content

Admin Users

Admin / Administration / Users

Passwords

Requirements

Passwords require:

  • At least 8 characters
  • At least one number
  • At least one upper case character
  • At least one lower case character
  • At least one special characters from the following: @#$%^&+*!=
  • Not be part of a known data breach as provided by Have I Been Pwned

Password Resets

Forgotten Password

A user can reset their own password by requesting a forgotten password email from the login screen. This will require them to enter a new password meeting the criteria detailed here.

Forgot Password
Reset Password

Force Reset

A user with sufficient permissions to access to the Admin User module can also force a user to reset their password by ticking the Force Password Reset checkbox. This will require the user to know their current password and enter a new password meeting the criteria detailed here.

Edit Admin User
Edit Admin User Force Reset
Force Reset On Login

Reset By Admin

Alternatively, if the user does not rememeber their current password and is having trouble with the Forgotten Password process, it can be reset on their behalf via the Admin User module by a user with sufficient permissions. The new password entered here also needs to meet the criteria detailed here. When the user logs in with their new password, they will be asked to update it with a new password meeting the criteria detailed here.

Edit Admin User
Edit Admin User Password
Force Reset On Login

Reset By Breach

We periodically check passwords against known data breaches using the Have I Been Pwned service. If your password is part of a known breach, the account will be forced through the Account Lockouts process.

Account Lockouts

If a user fails to log in 5 or more times without a successful login, or the users password is found to be part of a data breach, their account will be blocked. They will not be able to reattempt logging in for 5 minutes. Each failed attempt when the account is blocked will result in another 5 minute timeout.

Locked On Login

Unlock By Forgotten Password

A blocked user can attempt to lift the block themselves by requesting going through the Forgotten Password process.

Unlocked By Admin

An account block can be added or removed by a user with sufficient permissions to access the Admin User module by unchecking the Account Locked checkbox.

Edit Admin User
Edit Admin User Locked