Security features

Random passwords

In OpenProject 3.0 it is possible to assign random passwords to users (either when creating or updating users).
The randomly created passwords provide a better password protection.
Random passwords can be assigned in the user configuration in the system settings.

Random password


Stronger passwords through required characters

In order to improve password security, it is possible to define a minimum password length, as well define which character classes are required.
When passwords do not meet these standards, an error message is displayed, notifying the user of the insufficiency.

required characters in passwords


Limited password validity

Additional security is provided by the option to configure a time frame after which a password change is enforced.
After the specified time frame, users who try to log in are required to change their password.


limited password validity

Limited re-usability of passwords

The re-usability of passwords can be configured so that the same password cannot be used multiple times.
Users are notified that they cannot use the same password again when trying to change their password.