Configuring Login settings

When configuring login settings, you can select the login type and set up login security options, such as throttling and login captcha.

Fastpath: Admin Console: People > Settings > Login Settings

Jive supports form-based and mixed mode user authentication, as well as throttling and captcha to make logging in a comfortable and secure procedure for any user of the community.

This topic is about configuring login security in particular. You configure registration security on the Registration Settings page, as described in Configuring self-service user registration.

Form-based login

Form-based login is necessary if you plan to implement mixed-mode authentication. For more information, see Mixed-mode authentication.

Login security

You can set up the application to discourage automated (computer-driven) registration and login. Automated registration is usually an attempt to gain access to an application to do malicious (or at least annoying) things. By taking steps to make registering and logging in something that only a human being can do, you help to prevent automated attacks.

Login throttling

Throttling slows down the login process when the user has entered incorrect credentials more than the specified number of times. For example, imagine that you set the number of failed attempts to 5 and a forced delay to 600 seconds. If users are unable to log in after more than five tries, the application forces them to wait for 10 minutes until they could try again on each subsequent attempt.

Login captcha

Login captcha displays a captcha image on the login page. The image displays text (distorted to prevent spam registration) that the person must enter to continue with registration. This is a way to discourage registration by other computers simply for access to the community to send spam messages.

The login captcha setting is designed to display the captcha image when throttling begins. In other words, after the number of failed attempts specified for throttling, the captcha image is displayed, and throttling begins. You can't enable the login captcha unless login throttling is enabled.

The captcha size is the number of characters that appear in the captcha image, and which the user must type when logging in. A good value for this 6, which is long enough to make the image useful and short enough to keep it from being too annoying.

Configuring Login settings

To configure login settings:

  1. In the Admin Console, go to People > Settings > Login Settings.
  2. If necessary, disable the Enable Form-based Login.
  3. Next to Login Throttling, select Enabled to turn on throttling, and then specify the throttling section parameters.
  4. Next to Login Captcha, select Enabled to turn on captcha, and then specify the amount of the numbers in one capture.
  5. Click Save Settings.
Attention: If only the values for Login Throttling and Login Captcha have been changed, the update will take effect after the instance restart.