Password Reset Messages

EFT provides the option to expire passwords for users. EFT executes cleanup procedures every day at 00:00:00 UTC and at Server Startup. This daily server cleanup removes/disables inactive administrators and user accounts and sends password reset and expiration notifications for every Site.

EFT allows you to set a reminder to notify users of their pending password expiration up to 30 days prior to the password expiration date. You can configure reminder options on the Site, in the Settings Template, and for each user, from 0 (no reminder) to 30 days (5 is the default) before expiration. The reminder can be in the form of a banner message, email, or both.

EFT will send an email informing the user of the pending expiration and provides instructions on how to change the password for one or possibly all protocols if all of the following are true:

  • User's password is scheduled to expire

  • Email reminder is enabled (The password expiration options are only available if the Allow users to reset their passwords check box is selected on the Site's, Settings Template's, or user's Security tab. Each will inherit the setting from the parent.)

  • User account has an email address associated with it

A user who typically connects over FTP can login via HTTP/S to change the password.

The email reminder messages are editable files stored in the EFT directory, and accept EFT variables (for example, %days_left%), such as those shown in Event Rules. You can edit the text of the emails as described in the procedures below.

The files are stored in the APP_DAT_PATH directory (by default, C:\ProgramData\Globalscape\EFT Server) and apply to all Sites on the Server. You can also create Site-specific versions (described below).

In v8.0.5 and later, you can define how long password reset inks should remain valid. The default of 30 minutes is configurable via an advanced property, PasswordResetLinkExpirationPeriodMinutes.

To edit the password reset messages

  1. In the administration interface, connect to EFT and click the Server tab.

  2. On the Server tab, click the Server node.

  3. In the right pane, click the General tab.

  4. Next to Password reset reminder message, click the browse icon. Your default text editor (for example, Notepad) opens with the reminder text.

  5. Edit the text as needed, being careful not to delete the variables (%FULL_NAME%, %USERNAME%, %DAYS_LEFT%, %RESET_PAGE%), then save the file and close the text editor.

  6. Next to Password reset required message, click the browse icon . Your default text editor, usually Notepad, opens with the reminder text.

  7. Edit the text as needed, being careful not to delete the variables (%FULL_NAME%, %USERNAME%, %RESET_PAGE%), then save the file and close the text editor.

  8. To edit the Password reset confirmation message, open the file in your default text editor, usually Notepad.

  9. Edit the text as needed, being careful not to delete the variables (%USER.FULL_NAME%, %USER.LOGIN%, %REMOTE_IP%, %LINK%), then save the file and close the text editor.

  10. Click Apply to save the changes on EFT.

  11. Restart the Site so it can read in the new template.

To create Site-specific versions

  1. Make a copy of the existing template.

  2. Make your edits (using a text editor, such as Notepad), being careful not edit any of the variables or necessary code.

  3. Save the edited version with the Site name and an underscore prepended to the front if the filename. For example, name itMyFrenchSite_PasswordResetMsg.html

Related Topics