You can configure the login type and set up login security options, such as throttling and login captcha for users of your community. This article provides the procedure for configuring Jive supported form-based and mixed-mode user authentication, as well as throttling and captcha - to make login a comfortable and secure procedure for any user of the community.
Form-based login is necessary if you plan to implement mixed-mode authentication. For more information, see Setting up Mixed-Mode Authentication.
You can set up the application to discourage automated (computer-driven) registration and login. Automated registration is usually an attempt to gain access to an application to do malicious (or at least annoying) things. By taking steps to make registering and logging in something that only a human being can do, you help to prevent automated attacks.
Throttling slows down the login process when the user has entered incorrect credentials more than the specified number of times. For example, imagine that you set the number of failed attempts to 5 and a forced delay to 10 seconds. If users are unable to log in after more than five tries, the application forces them to wait for 10 seconds until they could try again on each subsequent attempt.
Login captcha displays a captcha image on the login page. The image shows the text (distorted to prevent spam registration) that the user must enter to continue with registration. Captcha is a way to discourage registration by other computers simply for access to the community to send spam messages.
The login captcha setting is designed to display the captcha image when throttling begins. In other words, after the number of failed attempts specified for throttling, the captcha image is displayed, and throttling occurs. You can not enable the captcha unless login throttling is enabled.
The captcha size is the number of characters that appear in the captcha image, and which the user must type when logging in. A good value for this 6, which is long enough to make the image useful and short enough to keep it from being too annoying.
To configure login settings:
- Navigate to Admin Console > People > Settings > Login Settings.
- If required:
- Check or uncheck Enable Form-based Login.
- Next to Login Throttling, select Enabled to turn on throttling, and then specify the throttling parameters (Number of failed attempts and Forced delay).
- Next to Login Captcha, select Enabled to turn on captcha, and then specify the Captcha size (number of characters to show in one capture).
- Click Save Settings, to apply the changes.