In Abiquo, you can enforce your password best practice to improve user password security and usability. And you can allow users to reset their passwords.
The password options can:
For password recovery, optionally enable reCAPTCHA V2 by adding reCAPTCHA keys to Abiquo. Request the keys from this link: https://www.google.com/recaptcha/admin#createsite
Set the public key in the Abiquo UI, in the client-config-custom.json file:
Set the private key in abiquo.properties :
If only one key is present and the other key is missing, the user will receive an error message, and they cannot recover their password.
Users can reset their password in the UI by clicking on the Forgot your password? link.
You can configure the link address in the Configuration View, but if you do not wish to allow the user to reset their password, you should edit the client-config-custom.json file and set the client password recovery value to false.
When this value is false, the link will not display.
When it is true, the default password reset link will open the following dialog.
Set up passwords in Configuration view on the Password page:
Click Edit to see more information about the range of values and the default.
For full documentation see Configuration View#Security
When you create a user, you can select an option to ensure they reset their password on login.
A user that is locked out for too many failed login attempts is marked as Suspended in Users view in both the list view and the card view.
The administrator can manually activate the account or the user can wait for the lockout period to end.
Added to LoginResource
The Abiquo events related to passwords can be found in the Users section of the Events table.