Administrator Creates Initial User Records
Using the user manager, the designated administrator can add users to the system, edit existing ones, delete them, change their passwords or send safe welcome messages giving users' access.
All that is necessary to input -- at the barest minimum -- is an access level and a password, although including an email address will enable the forgotten password and announcement features, and entering a user's first and last name certainly wouldn't hurt, either.
Once the user has been entered, the administrator has the option of one of two methods of password assignment:
- User picks their own password.
This method is the most secure, and probably the most convenient for the user. The administrator simply clicks on the Generate a Default Initial Password icon. This creates a password out of an MD5-hashed UUID... This creates a password which of course is unknown; at least for now. The next step for the administrator is to simply click on the Send New User Welcome Message icon.
The user will be sent an email containing a special link asking them to visit the site, where on their arrival they will be immediately run through the password creation routine (note that the email will contain special encrypted information that authenticates the user at this address is eligible to change the password in the first place).
- System Administrator picks the password.
Passwords can be directly assigned by system administrators. However these must be communicated to users manually in some fashion. If a user already has a preferred password this mechanism allows you to use it.