Password and Authentication
Tab "Authentication"
1 Use security levels/passkey
OpenOlat has a a three-stage security concept:
Step 1: Password only
Step 2: Passkey only
Step 3: Passkey + Password
Switching on activates the option for level 2 and 3 and the other configuration options for administrators are displayed.
2 Start button for OpenOlat Login
By switching this on, a button is displayed on the login page instead of the input field for the user name, with which the input field can be called up.
Purpose:
If the primary login method is not the OpenOlat login, then the input field for the OpenOlat login should often not be displayed directly and prominently. An input field has a high prompt character and users immediately enter their (incorrect) login name instead of considering the other login options.
With a button next to other buttons (other login options), the decision for a specific login procedure is more considered.
3 Security level per role
The levels set here define the minimum requirement for the respective role.
4 Increase the security level yourself
With the "Increase security level yourself" option, account holders can decide for themselves whether they want to switch to a higher security level. It is not possible to downgrade below the minimum level set by the administrator.
5 Expert
If the security level has been increased by an administrator, the persons concerned will be asked to set up a passkey when they log in. This setting determines how often a user can skip this prompt.
Tab "Password Syntax"
As the administrator, you define here which criteria a password must fulfill. A minimum and maximum length must be defined.
Tab "Password change policy"
Here you can define how often users have to change their password and whether a password can be reused. The lifetime of the password can be defined for each role.