| Authentication method: |
Tiki supports several different methods of user authentication. Choose between:
Just Tiki: Tiki will use its internal user database
Web Server: Tiki will use your web server's authentication
Tiki and Pear: Tiki will use both its internal user database and Pear::Auth, which will allow LDAP authentication.
Tiki and PAM
CAS
Shibboleth
OpenID and Tiki (introduced in 2.0)
The External Authentication page has details on each of these methods. |
| Users can register: |
If enabled, this will allow users to register, using the webform. The Login module will include a Register link. If disabled, the admin will have to create new users manually on the Admin Users page.
Login module with Register link.
|
| but need Admin validation: |
If enabled, each user registration must be validated by the adminstrator. After a new user completes the reregistration form, a validation request will be sent to the administrator (defined by the Sender email field on the General Admin page. The administrator must validate the user before the user can login.
See the Configuring User Validation page for details on this procedure. |
| Create a group for each user |
If enabled, Tiki will automatically create a group for the user. The group name will be the same as the user name.
See Groups Management for more information on using groups. |
| Use tracker for more user information |
If enabled, Tiki will display a tracker form for the user to complete, as part of the registration process. Use this tracker to store additional information about each user.
See User Tracker for details. |
| Use tracker for more group information: |
Use a tracker to store additional information about each group. See Group Tracker for details. |
| Request passcode to register: |
If enabled, the user must enter a passcode before they can register. You can create any alphanumeric passcode. You will have to inform users of this passcode before they can register.
This can be used in sites where users are invited or they receive a passcode after paying a fee or something like that. Semi-private or semi-public sites may enjoy this feature.
|
| Prevent automatic/robot registration: |
If enabled, Tiki will display a CAPTCHA on the registration form to prevent spambots from registering.
You must have the GD Image Processing library installed on your server.
Register with Antibot code
|
| Use login as email: |
If enabled, the user's email address will be used as their login. On the registration form, there will be no Username field.
Register with Email as Login.
|
| Validate users by emails: |
If enabled, Tiki will send an email message to the user. The message contains a link that must be clicked to validate the registration. After clicking the link, the user will be validated. You can use this option to limit false registrations or fake email addresses .
Note: Your Tiki must have access to the php (@mail) function. to send the registration email. |
| Validate users email server: |
If enabled, Tiki will attempt to validate the user's email address by examining the syntax of the email address. It must be a string of letters, or digits or _ or . or - follows by a @ follows by a string of letters, or digits or _ or . or -. Tiki will perform a DNS lookup and attempt to open a SMTP session to validate the email server.
Note: Some web servers may disable this functionality, thereby disabling this feature. If you are not in in a high security site or if you are on an open users site, do not use this option. |
| Remind passwords by email: |
If enabled, the I forgot my password will be displayed in the Login module. If a user forgets their password or username, they can reset their account by entering either their username or email address. Tiki will send the user an email with their email or instructions on resetting their password (depending on the setting of the Store plainword passwords setting).
|
| Store plaintext passwords |
If enabled, the email generated by the Remind passwords by email setting will include the user's passowrd in plaintext. If disabled, the email will include a link that will allow the user to select a new password. |
| Crypt password method |
Specify how Tiki encrypts passwords in the database. |
| Registered Users can change password.: |
If this is enabled, registered users can change their password from their User Preferences page. If not, passwords can be changed only by the admin. |
| Reg users can change theme |
If enabled, registered users can select their own theme from their User Preferences page. Click on Restrict Available Themes to select the themes you want to make available to the user.
Note: Tiki determines the available themes by the .CSS files in your ../styles directory. |
| Reg users can change language |
If enabled, registered users can select their own interface language from their User Preferences page. Click on Restrict Available Languages to select the themes you want to make available to the user.
Note: Tiki determines the available languages by the .PHP files in your ../lang directory. |
| Minimum and Maximum username length: |
The minimum (default = 1) and maximum (default = 50) number of characters for a valid username. |
| Force lowercase username: |
If enabled, Tiki will automatically convert all alphabetic characters in the username to all lowercase letters. For example JohnDoe becomes johndoe.
See Case in Usernames? for a discussion of case in the various versions of Tiki. |
| Username pattern: |
This regex pattern force and forbid the use fo certain characters for username. The default pattern is /^[ '\-_a-zA-Z0-9@\.]*$/ but it can be changed to fit your use. For example to add hebrew characteres in username it have to be set to /^[ '\-_a-zA-Z0-9@\.א-ת]*$/ |
| Use challenge-response authentication |
If enabled and the user's browser supports JavaScript, passwords ARE NOT SENT across the network. Instead, a challenge response algorithm is used. Tiki generates a challenge code and the browser sends a response based on the challenge that Tiki verifies to login the user. Challenge responses cannot be reused. This method, if enabled, strongly enforces the security of your user passwords. If you use this option, you don't need an HTTPs connection for extra security. The drawback to this method is that users will have to enter their email address every time they login — three boxes to fill in not two. |
| Force to use chars and numbers in passwords: |
If enabled, Tiki will require user passwords to contain both letters and numbers. Use this option to force users to select stronger passwords. |
| Minimum Password Length: |
Select the minimum number of characters for user passwords. The default 1. Increase this option to force users to select stronger passwords. |
| Password Invalid after days: |
The number of days after which a password will expire. Days are counted starting with the user's first login. When the password expires, users will be forced to select a new password when logging in.
Note: In version 1.9.8.3, use 999 to never expire. In version 2.0 use -1 to never expire. |
| Re-validate users by email after days: |
The number of days after which an email will be sent to the user with a link to revalidate the account. The user will not be able to login (that is, the account will be invalid), until the user clicks the link. Use this feature to verify that a user's email is still valid. Use -1 to never re-validate users.
This feature was introduced in release 2.0. |
| Re-validate user by email after unsuccessful logins: |
The number of unsuccessful login attempts after which Tiki will "lock" the account and attempt to re-validate the user by email. Use this feature to protect user accounts against brute-force attacks. Use -1 to disable this feature.
This feature was introduced in release 2.0 |
| Generate a password option: |
If enabled, Tiki will include a button on the registration form that will automatically generate a very secure password for the user.
Note: The generated password may not include any restrictions (such as minimum/maximum length.
This feature was introduced in 2.0. In earlier versions, the Generate button was always displayed on the registration form. |
| HTTPS Login: |
Specify if Tiki supports secure (HTTPS) logins. Choose between:
Disabled
Allow
Encourage
Consider always
Require
If enabled, the Login module will include links for Secure or Standard login.
|
| HTTP Port and URL: |
If HTTPS is enabled, include the URL and port for your HTTPS server.
For example, if you access your site as http://tikiwiki.org:2038, enter the port here. |
| Remember me feature: |
Use this option to have Tiki remember users. They will automatically be logged in if they leave, then return to the site. Choose between: Disabled
User's choice
Always
You can define the duration (length of time) that Tiki will "remember" the user. If "User's Choice" the Login module will include a "Remember me" checkbox.
Login module with Remember me.
|
| Remember me name: |
Filename of the cookie placed on users computer. Example: yourdomain |
| Remember me domain: |
Domain name for the Tiki site. Example: .yourdomain.com |
| Remember me path: |
Path to your TikiWiki installation, if not in root directory. The path is appended to the domain. Example: / |
| Protect against CSRF with a confirmation step: |
Enable this option to protect your site against Cross Site scripting (CSRF), a common method of hacking a site. If Tiki detects a possible CSRF attack, a confirmation prompt will be displayed to verify that the action is valid. |
| Protect against CSRF with a ticket: |
What is this setting used for? |
| Highlight Group: |
Help What is this setting used for? |
| User can choose their group at registration time: |
Use this feature to allow a new user to select a group to join, as part of the registration process. The groups you select here will be displayed on the registration form.
This feature was introduced in release 2.0 |
| Display user's contribution in the user page: |
If enabled, the user's User Information page will display a list of all objects (such as wiki pages, image galleries, etc.) that the user has edited. |
| Display Tracker Information on User page: |
If enabled, displays UserTracker informations in user information page. Format: trackerId,fieldId1,fireldId2,...: |
| Deactivate login autocomplete |
Use to desctivate the autocomplete in the login box. The autocomplete features can be optionally set in the user's browser to remember the form input and proposes the remember the password. If enabled, the user login and password can not be remembered. You should enable this feature for highly secure sites.
This feature was introduced in release 2.0. |
| On permission denied, display login box: |
If an anonymous visitor attempts to display a page that they do not have permission to view, Tiki will display the Login module. This allows the visitor to login, then display the page.
This feature was introduced in release 2.0. |
| On permission denied, send to this URL: |
If a user attempts to display a page that they do not have permission to view, Tiki will forward the user to the specified URL.
This feature was introduced in release 2.0. |
![[Show/Hide Right Column]](pics/icons/orightcol.png "[Show/Hide Right Column]"){kind=icon}
,
,
and
In Progress