Pyramid comes with its own internal "database" authentication mechanism out-of-the-box. It involves storing user credentials in the internal database repository. All details are appropriately stored and encrypted in the database.
It is up to each customer to secure the database itself and manage access.
Basic Settings
- Provider: Internal Database.
- Initial User:
- If your internal database was created on install and you do not intend to change it, you do not need to create a new initial user.
- If you are currently using one of the other Authentication Providers, and you are changing to the "Database" provider, you will need to create an initial user account by supplying details in this page.
Authentication Security
Note: Automated password reset and password strength options are not available in the Community Edition.
- Database Authentication:
- Reset Password: How often should users be forced to change their password (every 1 to 12 months).
- Password Strength: The password strength tests to be used:
- None - No requirements.
- Medium - 6 character minimum. At least 1 alpha character and at least 1 numeric character. Cannot reuse the last 3 passwords.
- High - 8 character minimum, At least 1 upper, 1 lower, 1 numeric, 1 unusual. Cannot reuse the last 12 passwords.
Multi-Factor Authentication
Multi-Factor Authentication (MFA) is one of the ways to improve security on any application. Pyramid offers MFA as an out-of-the-box feature where relevant and appropriate, its applicability being influenced by both the chosen authentication provider and method. MFA can be enabled when configuring the authentication method.