Authentication

Login

How to set authentication settings

You can access these settings via Administration » Settings » Authentication.


With this option, you can set how long a user can stay logged in before the system automatically logs the user out (saved password for access to the system).


Here you can set whether a user can self-register and how the account is activated:


  • activation by email - an activation link will be sent to the registered email
  • manual account activation - an administrator must activate the user. Registered users can be filtered in the user list by the status "registered"
  • automatic activation - user is activated on the first login

You can add a self-registered user to an existing group automatically.


You may also allow OpenID login and registration.


Password policy

In More » Administration » Settings » Authentication » Password must include, you can enforce strong passwords for all users by defining the criteria a user password has to meet, such as an uppercase letter, a lowercase letter, a number, and a special character. The configured criteria are enforced automatically from the next time a user changes their password and whenever a new user is created.


If an entered password does not meet any of these criteria, an error message appears.

Other enhancements for password enforcement can be set up in More » Administration » Settings » Authentication.

  • Minimum password length - enter the required number of characters
  • Unique password counter - the number of password changes after which a user can set the last password again
  • Required password after - the number of days after which the system asks a user to change their password


A warning message appears a few days before password expiration if "Required password after" is configured.

However, notifications about password expiration can be turned off in the user profile.


Two-factor authentication

Two-factor authentication (2FA), often referred to as two-step verification, is a security process in which users provide two authentication factors to verify they are who they say they are. 2FA can be contrasted with single-factor authentication (SFA), a security process in which the user provides only one factor - typically a password. To set it up, go to More » Administration » Settings » Authentication » Two-factor authentication, where you can configure the second factor - SMS or time-based one-time password (TOTP). For SMS, you need to set up your telephone number on the same page.


If TOTP is globally active, each user can find an option to enable or disable TOTP in their user profile, so each user can customize the authentication process to their own convenience.


To enable TOTP, you will be asked to scan the displayed QR code or enter the plain text into a TOTP app (e.g. Google Authenticator, Authy, Duo Mobile...). The app generates a verification key that you enter back into the respective form in the next step, and TOTP is thereby verified and activated.


Corner situations

  • Q: I've configured two factor authentication in settings to use TOTP. I enabled this scheme. In my account I tried to enable TOTP and tried using the Google Authenticator app. I couldn't verify with the code generated by the authenticator app. I also tried the Microsoft Authenticator app. Same problem.
    A: The problem was that our server didn’t synchronize its clock with NTP. So the time on the server was different than the time on my phone.
  • If you require two-factor authentication (2FA) with the SMS scheme, be twice as careful that the SMS provider is set up correctly. Otherwise, the SMS will not be sent and you will not be able to log in.
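
The clock-synchronization case above, as an added example that is not Easy Redmine's own code: a minimal RFC 6238 TOTP check showing why a code from a correctly set phone is rejected when the server clock has drifted, plus a diagnostic that measures the drift. The SHA-1 / 6-digit / 30-second parameters, the ±1 step acceptance window, and all method names are assumptions; the secret is the RFC 6238 test key, used here as constructed sample data.

```ruby
require 'openssl'

# Added illustration, not Easy Redmine code. Assumed parameters (RFC 6238
# defaults used by common authenticator apps): HMAC-SHA1, 6 digits, 30 s step.
STEP = 30
DIGITS = 6
B32 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567'

# Decode the base32 "plain text" secret shown next to the QR code.
def base32_decode(str)
  bits = str.upcase.delete('= ').each_char.map do |c|
    idx = B32.index(c) or raise ArgumentError, "invalid base32 character"
    idx.to_s(2).rjust(5, '0')
  end.join
  [bits[0, bits.length / 8 * 8]].pack('B*')
end

# One-time code for the 30-second step that contains `time` (Unix seconds).
def totp(secret_b32, time)
  counter = [time.to_i / STEP].pack('Q>')
  hmac = OpenSSL::HMAC.digest('SHA1', base32_decode(secret_b32), counter)
  offset = hmac.bytes.last & 0x0f
  code = hmac.byteslice(offset, 4).unpack1('N') & 0x7fffffff
  format("%0#{DIGITS}d", code % 10**DIGITS)
end

# Server-side check: accept codes within `window` steps of the server clock.
def verify(secret_b32, code, server_time, window: 1)
  (-window..window).any? { |i| totp(secret_b32, server_time.to_i + i * STEP) == code }
end

# Diagnostic: signed number of steps between phone and server clocks,
# or nil when the code matches nothing within max_steps.
def drift_steps(secret_b32, code, server_time, max_steps: 20)
  (0..max_steps).flat_map { |i| [i, -i] }.uniq.find do |i|
    totp(secret_b32, server_time.to_i + i * STEP) == code
  end
end

# Constructed sample: RFC 6238 test key, phone clock correct, server 5 min slow.
SECRET = 'GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ'
phone_time = 1_111_111_109
code = totp(SECRET, phone_time)
puts "code from app:        #{code}"
puts "server in sync:       #{verify(SECRET, code, phone_time)}"
puts "server 300 s behind:  #{verify(SECRET, code, phone_time - 300)}"
puts "clock drift in steps: #{drift_steps(SECRET, code, phone_time - 300)}"
```

A drift larger than the acceptance window is fixed by synchronizing the server clock with NTP, not by widening the window, since each extra accepted step lengthens the time a captured code stays valid.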
