Actions

Translations

Manage users/60/en: Difference between revisions

From LimeSurvey Manual

(Importing a new version from external source)
 
(Importing a new version from external source)
Line 1: Line 1:
'''Things to watch out for:'''
'''Things to watch out for:'''
* One time passwords have to be enabled by setting "$use_one_time_passwords = true;" (for 1.92), respective "use_one_time_passwords => true" (for 2.0 in config section) in config.php.
* To enable this login method, the line [[Optional settings#Use_one_time_passwords|<code>$use_one_time_passwords = false;</code>]] has to be set <code>true</code> in config.php (it is 'false' by default).
* The passed username has to exist in LimeSurvey's ''users'' table
* The passed username has to exist in LimeSurvey's ''users table''.
* The one time password, which can be set by an external application, has to be stored as [http://www.php.net/md5 MD5 hash] in column ''one_time_pw'' of table ''users''
* The one-time password (which can be set via an external application) has to be stored as [https://secure.php.net/manual/en/function.md5.php MD5 hash] in column ''one_time_pw'' of table ''users''.
* The passed plain text password will be hashed using md5() function and will then be compared to the stored hash in column ''one_time_pw'' of table ''users''. Both passwords have to match.
* The passed plain text password will be hashed using the sha256 function and will then be compared to the stored hash in column ''one_time_pw'' of table ''users''. Both passwords have to match.
* After the first login with the one time password this password is deleted from the database. The user won't be able to login with this password a second time.
* After the first login with the one-time password, it gets deleted from the database. The user won't be able to log in anymore with that respective password a second time.

Revision as of 20:20, 2 February 2018

Message definition (Manage users)
'''Things to watch out for:'''
* To enable this login method, the line [[Optional settings#Use_one_time_passwords|<code>'use_one_time_passwords' => true</code>]] has to be added in config.php (it is 'false' by default).
* The passed username has to exist in the LimeSurvey ''users table''.
* The one-time password (which can be set via an external application) has to be stored as [https://secure.php.net/manual/en/function.md5.php MD5 hash] in the column ''one_time_pw'' of table ''users''.
* The passed plain text password will be hashed using the sha256 function and will then compared to the stored hash in column ''one_time_pw'' of table ''users''. Both passwords have to match.
* After the first login with the one-time password, it gets deleted from the database. The user won't be able to log in with that respective password a second time.

Things to watch out for:

  • To enable this login method, the line $use_one_time_passwords = false; has to be set true in config.php (it is 'false' by default).
  • The passed username has to exist in LimeSurvey's users table.
  • The one-time password (which can be set via an external application) has to be stored as MD5 hash in column one_time_pw of table users.
  • The passed plain text password will be hashed using the sha256 function and will then be compared to the stored hash in column one_time_pw of table users. Both passwords have to match.
  • After the first login with the one-time password, it gets deleted from the database. The user won't be able to log in anymore with that respective password a second time.
Retrieved from "http://manual.limesurvey.org/index.php?title=Translations:Manage_users/60/en&oldid=85719"