b2evolution b2evolution

  • Sign in
  • Sign up
  • About
  • Downloads
  • Hosting
  • Docs
  • Support
  • Sign in
  • Sign up
  • Manuals Home
  • Latest Updates
 
  1. b2evolution CMS User Manual
  2. Back-office Reference
  3. Users
  4. Settings
  5. Registration
  6. Login & Registration Security Panel

Login & Registration Security Panel

Login & Registration Security Panel

This panel allow to control the security settings for login and registration:

Encryption

  • Require SSL: Requires to use https: (NOT http:) for transmitting passwords. In order for this to work, your site must be properly set-up for SSL.
  • Password hashing during Login: This is useful when you are on http:. It is redundant if you are on https:. You should turn in off when using https:/SSL.

HTTP Authentication / HTTP Authorization

HTTP Authentication: allows to log in to b2evolution using an HTTP Authorization header, like the "HTTP BASIC AUTH" scheme.

  • The first checkbox will return a 401 Unauthorized HTTP response code when requiring a log in. This may be needed to trigger client / proxies to send the Authorization: <type> <credentials> HTTP Header.
    Checking this automatically check the second checkbox below:
  • The second checkbox will accept an Authorization: <type> <credentials> HTTP Header on any page of the site (if no user logged in yet) and automatically log in the user. b2evolution will accept the Authorization: <type> <credentials> header on any page, no matter if a 401 Unauthorized was sent before and no matter if authentication is required or not.

Username & Password Complexity

  • Minimum password length:, Require specials characters:, Require strict logins: allow to control username & password complexity.

In this panel, you can modify the required password length, enable strict logins, require SSL, enable password hashing during login, and choose whether or not special characters are required for the user-generated passwords.

Tags: 7.1.4
Created by fplanque • Last edit by fplanque on 2020-06-11 21:32 • •

No feedback yet

On this page

  • Encryption
  • HTTP Authentication / HTTP Authorization
  • Username & Password Complexity

Search the Manual

Content Hierarchy

  • b2evolution CMS User Manual
  • User's Guide
  • Installation / Upgrade
  • Front-office Reference
  • Back-office Reference
    • Site
    • Collections
    • Files
    • Analytics
    • Users
      • User List
      • Groups
      • Organizations
      • Stats
      • Settings
        • Profiles
        • Registration
          • Login & Registration Security
          • Standard Registration
          • Quick Registration
          • Other Registration Methods
          • Options for All Registration
          • Account Activation
          • Default User Settings
        • Invitation Codes
        • Display
        • User Fields
        • Account Closing
      • User Tags
    • Messages
    • Emails
    • System
    • Working with Results Tables
  • Developer Reference
  • Operations Reference
  • Advanced Topics
  • Glossary
  • Archives
Responsive CMS

This online manual is powered by b2evolution CMS – A complete engine for your website.

About b2evolution

  • What is it?
  • Features
  • Getting Started
  • Screenshots
  • Online demo
  • Testimonials
  • Design philosophy
  • Free & open source
  • Terms of service

Downloads

  • Latest releases
  • Skins
  • Plugins
  • Language packs

About us

  • About us
  • Contact

Webhosting Guide

  • Web hosting blog
  • Best web hosting
  • Cheap web hosting
  • Green web hosting
  • Hosting with SSH
  • VPS hosting
  • Dedicated servers
  • Reseller hosting
  • Int'l: UK / France

Docs & Support

  • Online manual
  • Forums
  • Hire a pro !

Other

  • Adsense
  • Press room
  • Privacy policy

Stay in touch

  • GitHub
  • Twitter
  • Facebook
  • LinkedIn
  • News blog
  • RSS feed
  • Atom feed

Founded & Maintained by François Planque