We have made some changes to the password management for registered users.

With this change the administrator no longer has to create a temporary password for a new user to log in for the first time.

When a new user account is created, the user will receive an email based on the template "New User Account". This email will include a link to a page where the new user is prompted to enter a password for their account. Each new user account must be assigned an email address when the account is created. The input for email address is therefore mandatory when creating new user accounts.

When creating a user account we recommend using the user's email address as the login. The user's email address is unique to the user and is commonly used as login for social media sites and other online services. Although we recommend using an email address as the login, other values like the first name or initials etc are permissible as well.

If an email address is used as the login it will automatically be copied to the email address field, unless this field already has a value (an already entered email address will not be replaced).

Administrators can generate a request to reset the password for a user, if needed. This will send an email to the user with a link to reset their password. The links for new user accounts or administrator requests to reset the password are valid for 3 days.

If a user clicks on the 'forgot password' link on the login form the link in the email will be valid for one hour.

Users can, at any time, log in and create a different password for themselves of their own choosing.