Actions

Translations

Manage users/60/en: Difference between revisions

From LimeSurvey Manual

(Importing a new version from external source)
 
(Importing a new version from external source)
 
(2 intermediate revisions by the same user not shown)
Line 1: Line 1:
'''Things to watch out for:'''
'''Things to watch out for:'''
* One time passwords have to be enabled by setting "$use_one_time_passwords = true;" (for 1.92), respective "use_one_time_passwords => true" (for 2.0 in config section) in config.php.
* To enable this login method, the line [[Optional settings#Use_one_time_passwords|<code>'use_one_time_passwords' => true</code>]] has to be added in config.php (it is 'false' by default).
* The passed username has to exist in LimeSurvey's ''users'' table
* The passed username has to exist in the LimeSurvey ''users table''.
* The one time password, which can be set by an external application, has to be stored as [http://www.php.net/md5 MD5 hash] in column ''one_time_pw'' of table ''users''
* The one-time password (which can be set via an external application) has to be stored as [https://secure.php.net/manual/en/function.md5.php MD5 hash] in the column ''one_time_pw'' of table ''users''.
* The passed plain text password will be hashed using md5() function and will then be compared to the stored hash in column ''one_time_pw'' of table ''users''. Both passwords have to match.
* The passed plain text password will be hashed using the sha256 function and will then compared to the stored hash in column ''one_time_pw'' of table ''users''. Both passwords have to match.
* After the first login with the one time password this password is deleted from the database. The user won't be able to login with this password a second time.
* After the first login with the one-time password, it gets deleted from the database. The user won't be able to log in with that respective password a second time.

Latest revision as of 17:38, 3 May 2022

Message definition (Manage users)
'''Things to watch out for:'''
* To enable this login method, the line [[Optional settings#Use_one_time_passwords|<code>'use_one_time_passwords' => true</code>]] has to be added in config.php (it is 'false' by default).
* The passed username has to exist in the LimeSurvey ''users table''.
* The one-time password (which can be set via an external application) has to be stored as [https://secure.php.net/manual/en/function.md5.php MD5 hash] in the column ''one_time_pw'' of table ''users''.
* The passed plain text password will be hashed using the sha256 function and will then compared to the stored hash in column ''one_time_pw'' of table ''users''. Both passwords have to match.
* After the first login with the one-time password, it gets deleted from the database. The user won't be able to log in with that respective password a second time.

Things to watch out for:

  • To enable this login method, the line 'use_one_time_passwords' => true has to be added in config.php (it is 'false' by default).
  • The passed username has to exist in the LimeSurvey users table.
  • The one-time password (which can be set via an external application) has to be stored as MD5 hash in the column one_time_pw of table users.
  • The passed plain text password will be hashed using the sha256 function and will then compared to the stored hash in column one_time_pw of table users. Both passwords have to match.
  • After the first login with the one-time password, it gets deleted from the database. The user won't be able to log in with that respective password a second time.
Retrieved from "http://manual.limesurvey.org/index.php?title=Translations:Manage_users/60/en&oldid=173662"