Configuring the Password Rules
Joget allows you to define the password rules in the security plugin. These rules can be modified or set in the following location
System Settings>Directory Manager Settings>Configure Plugin(Security Enhanced Directory Manager)>Default Directory Password Policy
Check the rules and minimum length of the password
Click on Submit to save the settings
Creating initial Password
Create User allows administrators to create a password for a user or generate a random password. The randomness comes from a combination of pseudo-random numbers and alphabets. These numbers and alphabets are taken from the password policy rules set using the process described above
Checking the generate random password will allow the admin user to generate a random password for the user and un checking the same would allow an admin to create a password for the user.
Managing Password changes
In case a user forgets a password or if an admin wants to force a change in password, Joget allows you to do this
- Admin can check "Reset Password" to send the new password to the user via Email.
- Admin can also force the user to change his password. Check "Force Password Change" to do that.
- Admin also has an option to check "No password Expiration" in case he/she doesn't want their user's password to expire.
Forcing a password change would require a user to change his password in the next login. The image below shows the screen that appears in case of forced password change. The user will have to enter the older password and the new password to complete the enforcement.