On Security page click Registration and passwords to create user self-register page, password reminder, change password pages.
To create new user registration page, select the corresponding checkbox and click Choose fields to select fields that will appear on the registration page.
Select Send activation link checkbox to send email with activation link to a user after the registration. The purpose of the activation link is to ensure that the user signs up with a real, active email address that they own. This limits the number of times someone can sign up, and prevents people who have been booted off a site from signing up again multiple times with fake email addresses. User access is denied until activation link is open in the browser. Select one of the existing fields or create new one to store activation flag. This field needs to be numeric (Number, INT or TINYINT).
If you are going to use Send email to user or Remind password page options, do not forget to choose a field where user email is stored.
Restrict weak password option allows to restrict using of weak passwords. You can select minimum password length, number of unique characters, digits or symbols.
Improved password hashing.
Option to use industry standard BCRYPT hashing algorithm. Send password reset link to user's email, link expires in 24 hours.
For instance, you want to provide admin with direct access to the login table. To do so add the following code to BeforeAdd/BeforeEdit events of login table:
You can add CAPTCHA to the remind password page and new user registration page (select the corresponding Display CAPTCHA checkbox). CAPTCHA is a simple test to determine if a user is a computer or a human. It is used to prevent spam abuse on the websites. Click CAPTCHA settings and choose what CAPTCHA to use: Flash-based CAPTCHA (it is simple but doesn't work on most mobile devices) or Google reCAPTCHA.
To use Google reCAPTCHA, register your web site at https://www.google.com/recaptcha/intro/index.html, copy site key and secret key there and paste them into the CAPTCHA settings.
Remind password page with Flash-based CAPTCHA:
New user registration page with Google reCAPTCHA:
Here you can enter SMTP server settings and email which will be used to send emails to users. Note that SMTP server and SMTP server port settings may differ from the stated in the example below. Contact your Mail Service Provider to get necessary information.
To send emails via Gmail, use the following settings:
•SMTP server: smtp.gmail.com
•SMTP server port: 465
•Secure connection (SSL): On
•SMTP username: <your gmail address>
•SMTP password: <Gmail password>
If you use two-factor authentication for Gmail you need to generate and use an application specific password.