Cyware Fusion and Threat Response

Configure Username and Password as the Authentication Method

By default, the application provides the Username/Password authentication method, which lets users sign in with their email ID and password. Users must provide a valid email ID and password combination, as configured in User Management, to sign in to the application.

To configure the Username/Password authentication method, do the following:

  1. Go to Admin Panel > Configuration > Authentication.

  2. Select Username/Password and click Edit at the top-right corner.

  3. On the top-right, enable Activate Authentication.

  4. Enter the following details:

    • Forgot Password: Enable this option to allow users to click Forgot Password and reset their password from the sign-in page. If you disable this option, the Forgot Password? link is not available on the sign-in page, and only administrators can reset user passwords. By default, this option is enabled.

      Note

      You can enable the Forgot Password setting if an email server is configured in the application.

    • Create Password for New Users: Enable this option to allow administrators to configure a temporary password while adding new users in User Management. For more information, see Create User.

    • Authenticate for New Sessions: Enable this option to make an authentication session token valid for the current session only. Users must sign in again for every session to access CFTR from a new tab or window of the same browser.

    • Two-Factor Authentication: Enable this option to authenticate users with their username and password plus a one-time password (OTP). By default, this option is disabled. Two-factor authentication adds an extra layer of protection against unauthorized access to the application. Select one or both of the following two-factor authentication types:

      • Email: Requires an OTP that is sent to the email ID of the user.

      • TOTP: Requires an OTP from the configured TOTP authentication application. Users must configure a TOTP authentication application, such as Google Authenticator or Okta, from the sign-in page.

      Note

      You can enable Two-Factor Authentication if an email server is configured in the application.

    • OTP Expiration Time: Enter the OTP expiration time in minutes. Once expired, users must generate a new OTP. For example, 5 Minutes.

    • Password Link Expiration Time: Enter the expiration time in minutes for the password reset link. Once expired, users must request a new password reset link. For example, 60 Minutes.

    • Password Reuse Policy: Enable this option and enter the count after which users can reuse a previously used password. For example, 5. If this option is disabled, users can reuse previously used passwords without any restriction.

    • Password Reset Interval: Enable this option and enter the number of days from the last password change after which users must reset their password. CFTR requests users to change the password after the specified interval expires. This value must be at least two days. If this option is disabled, the sign-in password of the users does not expire.

    • Password Expiry Notification: Enable this option and enter the number of days before the password expiration day on which to notify users about the password expiry. Users receive an email notification to reset their passwords. This value must be at least 1 day. If this option is disabled, users will not receive the password reset email.

    • Lock Users upon Failed Login: Enable this option to temporarily lock user accounts after a specific number of failed sign-in attempts. Enter the maximum number of failed sign-in attempts after which user accounts are locked either temporarily or permanently. For example, 5.

    • Password Format: Enable this option to apply the password format for the users. Enter the following details to configure the password format:

      • Characters: Enter the minimum number of characters that a password must include. The minimum password length should be at least 8 characters.

      • Password Character Combination: Select at least three of the following character types that must be included in the password:

        • Lowercase

        • Uppercase

        • Numbers

        • Special Characters

  5. Click Save.
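
To preview how the Password Format and Password Reuse Policy settings above treat candidate passwords, the following added example (not Cyware code and not how CFTR is implemented) evaluates a password against a chosen policy. Assumptions: the reuse count is read as "the N most recent passwords cannot be reused", "special characters" means ASCII punctuation, and all function names, the policy values, and the sample history are constructed for illustration.

```python
import hashlib
import hmac
import os
import string

# Character types from the Password Character Combination setting.
CLASSES = {
    "lowercase": str.islower,
    "uppercase": str.isupper,
    "numbers": str.isdigit,
    # Assumption: the product's exact special-character set is not documented on this page.
    "special": lambda c: c in string.punctuation,
}

def hash_password(password, salt=None):
    """Return (salt, digest) via PBKDF2 so the history never holds plaintext."""
    salt = salt or os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def check_password(password, min_length, required, history, reuse_count):
    """Return the list of policy violations; an empty list means accepted.

    required:    admin-selected character types (the page requires at least three)
    history:     (salt, digest) pairs of earlier passwords, oldest first
    reuse_count: how many of the most recent passwords are blocked (assumed reading)
    """
    if min_length < 8 or len(set(required)) < 3:
        raise ValueError("policy is weaker than the documented minimums")
    problems = []
    if len(password) < min_length:
        problems.append("too short")
    for name in sorted(required):
        if not any(CLASSES[name](c) for c in password):
            problems.append(f"missing {name}")
    recent = history[-reuse_count:] if reuse_count > 0 else []
    for salt, digest in recent:
        # Re-hash with each stored salt; compare in constant time.
        if hmac.compare_digest(hash_password(password, salt)[1], digest):
            problems.append("reused")
            break
    return problems

# Constructed sample policy and password history (oldest first).
POLICY = dict(min_length=12, required={"lowercase", "uppercase", "numbers"}, reuse_count=2)
HISTORY = [hash_password(p) for p in ("Winter2023pass", "Spring2024pass", "Summer2024pass")]

if __name__ == "__main__":
    for candidate in ("Summer2024pass", "Winter2023pass", "short1A"):
        print(candidate, check_password(candidate, history=HISTORY, **POLICY))
```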