6.2.5. Password recovery

<< Prev   Next >>

1C:Enterprise offers several ways to recover a forgotten user password. There are several settings that control this functionality. Some of them are located in the infobase user properties and the others are contained in the settings dialog box:

  • User settings:
    • Email address. Email address to which the code required to set a new password will be sent.
    • User cannot recover the password. If you select this check box, you will not be able to recover your password by email. You will be able to do it only with the help of the infobase administrator.

      The option to recover a password by navigating to a URL (for example, to a website) depends on the logic of this page.

  • The dialog box of password recovery functionality is located in the Designer menu: Main menu – Administration – Additional authentication settings. The dialog box features are described below in this section.

The Additional authentication settings dialog box allows you to control the availability of various password recovery functionalities and configure their settings. Here you can also specify a link to the help information that can be accessed from the dialog box for entering the username and password.

https://kb.1ci.com/bin/download/OnecInt/KB/1C_Enterprise_Platform/Guides/Administrator_Guides/1C_Enterprise_8.3.22_Administrator_Guide/Chapter_6._Infobase_administration/6.2._Maintaining_user_list/WebHome/en_image048.pngFig. 49. Additional authentication settings

Let's have a look at the settings in more detail.

Additional information

Select the Show the "Need help?" link check box to set the value of the Link address property. In this field, enter a URL to follow when clicking the Need help? hyperlink in the authentication dialog box. The parameters of the data area for which the authentication dialog box is opened will be added to this hyperlink before navigation. Data area parameters are set in the same way as Z client startup command-line option. The resulting URL will be as follows: URL?Z= "separator values".

Password recovery option

This group contains parameters to automatically recover the user password. You can recover the password using either a web page or a recovery code sent by email. You cannot select both password recovery methods at a time.

For OpenID authentication, the password is changed on the side of the authentication provider because it performs authentication. Once the password is changed, the user navigates to the provider authentication form. In this case, the password recovery method depends on capabilities provided by the OpenID provider used.

The Follow the URL check box enables password recovery by opening a web browser page whose address is specified in the Link address property of the setup dialog box. The parameters of the data area for which the authentication dialog box is opened will be added to this hyperlink before navigation. Data area parameters are set in the same way as Z client startup command-line option. The resulting URL will be as follows: URL?Z= "separator values". Implement the whole password recovery logic on the page whose address is specified in the settings.

Select the Send the code to the email check box to enable password recovery by sending a code to the user email address. In this case, the following dialog box is opened:

https://kb.1ci.com/bin/download/OnecInt/KB/1C_Enterprise_Platform/Guides/Administrator_Guides/1C_Enterprise_8.3.22_Administrator_Guide/Chapter_6._Infobase_administration/6.2._Maintaining_user_list/WebHome/en_image049.pngFig. 50. Email address input window

If the email address specified in the dialog box exists, the confirmation code will be sent to this address and the following dialog box will be shown:

https://kb.1ci.com/bin/download/OnecInt/KB/1C_Enterprise_Platform/Guides/Administrator_Guides/1C_Enterprise_8.3.22_Administrator_Guide/Chapter_6._Infobase_administration/6.2._Maintaining_user_list/WebHome/en_image050.pngFig. 51. Entering a confirmation code and a new password

This dialog box specifies the address the email was sent to. It also prompts the user to enter a confirmation code from this email and a new password. When you specify a new password, its length and complexity are checked if it is required in the current infobase. To use a system-generated password, click Generate password. Such password will meet all the established requirements for user passwords. For more information on system-generated passwords, see article Setting password.

If the specified email address does not match any user, a diagnostic message will be displayed. If the user is not allowed to recover their password, an error will be displayed after entering the email address.

The dialog box with additional authentication settings also contains the following parameters:

  • Code length. Specifies the length of confirmation code to set a new password.
  • Maximum number of failed attempts to enter the code. Specifies how many times the user can make mistakes when entering the confirmation code. Once the maximum number of attempts is exceeded, the received code becomes invalid. The user needs to request a new code to recover the password.
  • Lock duration of confirmation code update request. Interval between two consecutive requests for a password change verification code.
  • Use standard sending service. Allows you to send a verification code via the standard 1C:Enterprise email service. In this case, you cannot change the sender, subject, format, and content of the email message. Emails will be always sent from <recoverypassword@1c.com >.

    If this check box is cleared, you can configure parameters for sending verification code messages. Specify these parameters in the Sender parameters group.

Sender parameters group

In this group, you can specify verification code message parameters and parameters of an email server used to send them.

Specify sending parameters using the following parameters:

  • SMTP server address. Specifies the SMTP server address.
  • SMTP user and SMTP password. Contain the username and the password required for authentication on the SMTP server.
  • SMTP port. Network port used for the SMTP protocol:
    • Port 465 for secure connections (used by default).
    • Port 25 for unsecure connections.
  • Use SSL. Specifies that SSL must be used to connect to the SMTP server.

The email parameters are set using the following properties:

  • Sender name. Text to be displayed in the email message as the email author (the From field).
  • Message header. Text to be specified in the message header (the Subject field).
  • Message text. Opens the HTML document editor to write a message. You can use the following pseudovariables to specify the changing parts of the email:
    • UserPresentation. Full user name.
    • VerificationCode. Confirmation code to change the password.
    • ApplicationPeresentation. Presentation of the configuration used in the current infobase.

      The variable values must begin with "&", for example: Good afternoon, &UserPresentation!.

You can also set up password recovery using 1C:Enterprise language. For this purpose, you can use the AdditionalAuthenticationSettings global context property.

<< Prev   Next >>

Icon/Social/001 Icon/Social/006 Icon/Social/005 Icon/Social/004 Icon/Social/002