<< Click to Display Table of Contents >>

Navigation:  Security >


Passwords are case sensitive.


ResSched lets system administrators customize how passwords are managed in Organization Settings.   Passwords are not stored in ResSched, even in encrypted form, so they can't be retrieved or disclosed.  Instead, ResSched uses a "salted hash" to authenticate the user's password on log in.  If you are not using TLS/SSL, the password input passes unencrypted to the ResSched server.  


Forgotten passwords need to be reset. System administrators can let lower access level users reset their own passwords. When a user resets their password a temporary password valid for 15 minutes is emailed to the user's primary email address with a notification emailed to the user's secondary address if available. System administrators can restrict this option to combinations of view only, reserve, and general users. Administrators must get their forgotten passwords reset by another system administrator.   Use Email for Notifications must be turned on in Server Settings.