From the Mylutece user management page, a technical admin user can define a number of security parameters.
The security parameters management page is reached from the "Users > Mylutece user management (Directory)" menu, then by clicking the "Advanced parameters" button at the upper right of the screen.
Security parameters are located in the "Modification of security parameters values" panel.
Security parameters fall into two groups:
Advanced security parameters can be activated or deactivated from the "Advanced Parameters" screen. They can only be modified while they are activated.
Basic security parameters can be modified at any time.
On the "Advanced Parameters" screen, an admin user turns the advanced security parameters on or off by clicking the button at the upper left.
When advanced security parameters are turned on, password encryption is enabled and the algorithm is set to "SHA-256". If the algorithm in use was not already "SHA-256", every user's password is reset and the new password is sent by email: SHA-256 is a one-way hash, so passwords stored in another form cannot be converted, they can only be replaced.
While advanced security parameters are on, the encryption algorithm cannot be changed and password encryption cannot be disabled. The advanced security parameters themselves can still be modified in the "Modification of security parameters values" panel.
A security parameter is deactivated by deleting its value or by setting it to '0'.
To prevent users from choosing weak passwords, two constraints can be applied:
The minimum length of a password is set with the parameter "Minimum length of a password". If the value is empty or '0', passwords of any length are accepted. If it is greater than '0', users must choose passwords of at least that length.
If the check box "Passwords must contain upper and lower case letters, numbers and special characters" is checked, passwords must contain at least one upper-case letter, one lower-case letter, one digit and one special character.
Warning: changing these values does not force users to reset their passwords. Passwords chosen before the change remain valid until the user next changes them, so an admin who needs the new rules applied immediately must reset the affected accounts.
A user can be forced to change his password in several situations.
For example, if the check box "Force user's password modification after a password reset" is checked, users must choose a new password after their password has been reset.
If advanced security parameters are activated, an admin user can also set a password lifetime, which forces users to change their password periodically.
The password lifetime, in days, is set with the parameter "Days before a user must change his password".
Users can be prevented from reusing recent passwords. The parameter "Number of old passwords remembered" gives the number of different passwords a user must go through before a previous password can be chosen again.
To stop users from cycling through passwords quickly in order to get back to the original one, the number of password changes in a given period is capped. This is set with two parameters:
The first parameter defines the maximum number of password changes allowed in the period. The second defines the number of days a user has to wait before changing the password again once that maximum has been reached.
For example, if the parameter "Maximum number of password change in a given time" is set to '1' and the parameter "Number of days considered for password change" is set to '1', users are only allowed to change their password once a day.
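The constraints above (minimum length, character classes, password lifetime, remembered old passwords and the cap on changes per period) interact, and the edge cases are where a policy check usually goes wrong: a remembered-passwords value of 0 must disable the check rather than remember everything, and a rate cap has to count only changes inside the window. The following Python is an added illustration of those checks, written for this page; it is not Lutece's code, and the parameter names, the salted SHA-256 storage of the history and the definition of "special character" are this example's assumptions.

```python
import hashlib
import re
import secrets
from datetime import datetime, timedelta
from typing import List, Optional

# Constructed values for the parameters described above; the names are this
# example's own, not Lutece's configuration keys.
MIN_LENGTH = 8                 # "Minimum length of a password" (0 or None disables)
REQUIRE_ALL_CLASSES = True     # "Passwords must contain upper and lower case ..."
PASSWORD_LIFETIME_DAYS = 90    # "Days before a user must change his password" (0 disables)
OLD_PASSWORDS_REMEMBERED = 3   # "Number of old passwords remembered" (0 disables)
MAX_CHANGES_IN_PERIOD = 1      # "Maximum number of password change in a given time" (0 disables)
PERIOD_DAYS = 1                # "Number of days considered for password change"

# Assumption: a "special character" is any non-blank character that is not a letter or digit.
_CLASS_PATTERNS = (r"[A-Z]", r"[a-z]", r"[0-9]", r"[^A-Za-z0-9\s]")


def check_complexity(password: str) -> List[str]:
    """Return the violated constraints (empty list when the password is acceptable).

    The length check is assumed inclusive: a minimum of 8 accepts an 8-character password.
    """
    problems = []
    if MIN_LENGTH and len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if REQUIRE_ALL_CLASSES and not all(re.search(p, password) for p in _CLASS_PATTERNS):
        problems.append("must contain upper case, lower case, a digit and a special character")
    return problems


class PasswordHistory:
    """Per-user record of past password digests and change timestamps.

    Old passwords are kept as salted SHA-256 digests so the history itself does
    not hold clear-text secrets; the salt is this example's addition, the page
    only names the algorithm.
    """

    def __init__(self, salt: Optional[bytes] = None):
        self.salt = salt or secrets.token_bytes(16)
        self.digests: List[str] = []        # oldest first, current password last
        self.change_times: List[datetime] = []

    def _digest(self, password: str) -> str:
        return hashlib.sha256(self.salt + password.encode("utf-8")).hexdigest()

    def was_used_recently(self, password: str) -> bool:
        """True if the password is the current one or one of the remembered previous ones."""
        if not OLD_PASSWORDS_REMEMBERED:
            return False  # a value of 0 disables the check; [-0:] would remember everything
        return self._digest(password) in self.digests[-OLD_PASSWORDS_REMEMBERED:]

    def changes_in_period(self, now: datetime) -> int:
        """Number of changes inside the sliding window ending now."""
        window_start = now - timedelta(days=PERIOD_DAYS)
        return sum(1 for t in self.change_times if t > window_start)

    def must_change(self, now: datetime) -> bool:
        """True once the current password is older than the configured lifetime."""
        if not PASSWORD_LIFETIME_DAYS or not self.change_times:
            return False
        return now - self.change_times[-1] >= timedelta(days=PASSWORD_LIFETIME_DAYS)

    def change_password(self, new_password: str, now: datetime) -> List[str]:
        """Apply every constraint; on success record the change and return []."""
        problems = check_complexity(new_password)
        if self.was_used_recently(new_password):
            problems.append(f"matches one of the last {OLD_PASSWORDS_REMEMBERED} passwords")
        if MAX_CHANGES_IN_PERIOD and self.changes_in_period(now) >= MAX_CHANGES_IN_PERIOD:
            problems.append(f"at most {MAX_CHANGES_IN_PERIOD} change(s) per {PERIOD_DAYS} day(s)")
        if problems:
            return problems
        self.digests.append(self._digest(new_password))
        self.change_times.append(now)
        return []
```

With the values above, a user who sets a password at 09:00 cannot change it again until the next day, and the password just replaced stays refused until three different passwords have been used, which is exactly the behaviour the two parameters describe.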
To protect passwords against brute-force guessing, a maximum number of login attempts can be set. This uses two parameters.
The first, "Maximum number of login attempt", defines how many failed attempts are allowed before the account is blocked. The second, "Login attempt interval", defines the duration, in minutes, for which a user is blocked after too many failed attempts.
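One detail the two parameters leave implicit is what happens to a correct password while the account is blocked: if the block only applies to wrong guesses, an attacker can keep guessing and the lockout protects nothing. The Python below is an added example written for this page, not Lutece's implementation; it assumes that failures are counted inside the same interval that is used as the block duration, and that a blocked account refuses even the right password until the interval has elapsed.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from typing import Dict, List, Tuple

MAX_LOGIN_ATTEMPTS = 3          # "Maximum number of login attempt" (0 disables)
LOGIN_ATTEMPT_INTERVAL_MIN = 10  # "Login attempt interval", in minutes


class LoginGuard:
    """Counts failed logins per account and blocks the account after too many.

    Assumption (this example's, the page only says the interval is the block
    duration): failures older than one interval are forgotten when counting.
    """

    def __init__(self, max_attempts: int = MAX_LOGIN_ATTEMPTS,
                 interval_minutes: int = LOGIN_ATTEMPT_INTERVAL_MIN):
        self.max_attempts = max_attempts
        self.interval = timedelta(minutes=interval_minutes)
        self.failures: Dict[str, List[datetime]] = defaultdict(list)
        self.blocked_until: Dict[str, datetime] = {}

    def is_blocked(self, account: str, now: datetime) -> bool:
        until = self.blocked_until.get(account)
        return until is not None and now < until

    def attempt(self, account: str, password_ok: bool, now: datetime) -> Tuple[bool, str]:
        """Record one login attempt and return (allowed, reason).

        The reason is for the audit log; the message shown to the client should
        not distinguish "blocked" from "bad password", or it leaks account state.
        """
        if self.max_attempts == 0:               # parameter disabled: plain password check
            return (True, "ok") if password_ok else (False, "bad password")
        if self.is_blocked(account, now):
            return False, "blocked"              # refused even if the password is right
        if password_ok:
            self.failures[account].clear()       # a successful login resets the counter
            return True, "ok"
        window_start = now - self.interval
        recent = [t for t in self.failures[account] if t > window_start] + [now]
        self.failures[account] = recent
        if len(recent) >= self.max_attempts:
            self.blocked_until[account] = now + self.interval
            self.failures[account].clear()
            return False, "blocked"
        return False, "bad password"
```

The block is keyed on the account, not the client address, so it cannot be escaped by changing source IP; the flip side is that an attacker who knows a username can keep the legitimate user locked out, which is why the interval is kept to minutes rather than hours.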
Each user account has a lifetime. If an account is not used for a given period, it expires. The user is notified by email so that he can update the account; if he does not do so within the given time, the account is definitively anonymized and can no longer be used.
The expiry date of an account is computed when the account is created and is updated at each login of the user, so only inactive accounts expire.
The account lifetime, in months, is set with the security parameter "Account life time".
Before an account expires, users are warned by an email containing a link to update it. The delay between the first alert and the expiry of the account is set with the parameter "Time before first alert when an account expires".
Further alerts are also sent by email. The parameters "Number of alerts" and "Time between alerts" define how many are sent and how far apart.
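The expiry date and the alert schedule are pure date arithmetic, but month arithmetic has a classic trap (a login on 31 January plus one month is not 31 February). The Python below is an added example written for this page, not Lutece's scheduler; it assumes the alert delays are expressed in days and that the first alert is sent the configured number of days before expiry with the following ones spaced by "Time between alerts".

```python
import calendar
from datetime import date, timedelta
from typing import List

ACCOUNT_LIFE_TIME_MONTHS = 12   # "Account life time"
DAYS_BEFORE_FIRST_ALERT = 30    # "Time before first alert when an account expires" (unit assumed: days)
NUMBER_OF_ALERTS = 3            # "Number of alerts"
DAYS_BETWEEN_ALERTS = 7         # "Time between alerts" (unit assumed: days)


def add_months(d: date, months: int) -> date:
    """Add calendar months, clamping the day to the target month's length."""
    month_index = d.month - 1 + months
    year = d.year + month_index // 12
    month = month_index % 12 + 1
    day = min(d.day, calendar.monthrange(year, month)[1])
    return date(year, month, day)


def life_end_date(last_login: date) -> date:
    """Expiry date: computed at creation and recomputed from each login."""
    return add_months(last_login, ACCOUNT_LIFE_TIME_MONTHS)


def alert_dates(expiry: date) -> List[date]:
    """Dates on which reminder emails are sent, earliest first.

    Alerts are not clipped at the expiry date: if the configured count and
    spacing push an alert past expiry, that is a configuration error the admin
    should catch, so it is left visible in the returned list.
    """
    first = expiry - timedelta(days=DAYS_BEFORE_FIRST_ALERT)
    return [first + timedelta(days=i * DAYS_BETWEEN_ALERTS) for i in range(NUMBER_OF_ALERTS)]


def account_state(last_login: date, today: date) -> str:
    """'active', 'alerting' or 'expired' for the given day.

    Because the expiry is derived from the last login, a login during the
    alerting phase moves the expiry forward and the account returns to 'active'.
    """
    expiry = life_end_date(last_login)
    if today >= expiry:
        return "expired"
    if today >= alert_dates(expiry)[0]:
        return "alerting"
    return "active"
```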
To edit the emails that are sent, choose the email in the drop-down list of the "Notifications" panel and click the "Edit email" button.
The title, the sender and the body of each email can be defined. In the body, tags of the form ${tag_key} are replaced with values when the email is sent. The list of available tags is at the bottom left of the page.
When an account expires, it is anonymized: the data of an anonymized account are encrypted and the account can no longer be used. The attributes to anonymize can be chosen from the anonymization management page, accessible from the user management page ("Users > Mylutece user management (Directory)").
An account can also be anonymized directly from the user management screen ("Users > Mylutece user management (Directory)") by clicking the "anonymize" button.