Password Creation

Introduction

Joget offers flexible options for creating and managing passwords, including setting password rules, generating random passwords, and forcing password changes. This guide provides detailed steps to configure password policies, create initial passwords, and manage password changes effectively.

How does it work?

The password creation and management process in Joget is built around customizable rules and options. Administrators can configure password policies such as minimum length, complexity requirements, and expiration settings. Once configured, these rules apply to all users, ensuring that passwords meet security standards.

Configuring password rules

To define or modify password rules in the security plugin, follow these steps:

1. Go to System Settings > Directory Manager Settings.
2. Select Configure Plugin under the Security Enhanced Directory Manager.
3. Go to the Default Directory Password Policy to set the password rules, including minimum length and complexity.
4. Once the rules are configured, click Submit to save the settings.
   

Creating initial password

The Create User feature allows administrators to set a user's password. You can either manually create a password or generate a random one. The randomness comes from a combination of pseudo-random numbers and alphabets. Random passwords are generated based on the password policy rules defined earlier.

Checking the Generate Random Password option will allow the admin to generate a random password for the user. Unchecking this option will allow an admin to create a password for the user manually.

Managing password changes

If a user forgets their password or if an admin needs to enforce a password change, Joget provides tools to handle this.

1. Admins can check Reset Password to send a new password to the user via email.
2. To force a user to change their password on the next login, check Force Password Change.
3. Check the No Password Expiration option to disable password expiration for specific users.
   

Forcing a password change ensures that the user must update their password during the next login.

When a password change is enforced, the user will see a prompt to enter their old password and set a new one during their next login.