The Username and Password login page

The login page that the user will actually see will depend on his chosen authentication method.

Useranme and Password login form

The above image shows the "Username & Password" connection type. The system also allows us to set up this page to use other types of information rather than username, e.g., email or phone. You can configure this on the Authentication Connection. It is important to notice that both requested user credentials are case sensitive. This differs from most traditional login pages where only the password is case sensitive.  The reason we require the unique identifier (username) to be unique is because it is also a claim in our system and claim values are, in fact, case sensitive. Allowing different values would result in claim values that service providers will see as not being the same.

When the user‘s password is expired, he will be asked to reset the password after login:

Useranme and Password reset password form

After successfully changing the password, the user will be able to return to the login page.

Note: for security reason, if the number of times user input wrong old password exceeds value specified by Maximum number of allowed authentication attempts before password must be reset, that user will be disabled to prevent brute-force password attack.

Useranme and Password reset password success form

Identify provides the "Forgot password? Click here!" feature to help users retrieve lost passwords. Simply fill in the form and we will email you the instruction.

Useranme and Password forgot password form

To avoid this page revealing any information about existing names or emails in the system, it will show your request to be successful, regardless of whether the stated email or name does in fact exist in the system. Therefore, it is important that you insert the correct information here or you might be waiting for that email for a very long time.

However, there are also other reasons why an email might not be sent. Validate the following settings of your system if you do not think this feature is working properly:

  • Ensure that a claim has actually been specified in the system as the one containing users' emails (on the System Setup' tab).
  • The system only allows one request per hour per user to avoid spamming.
  • Ensure that you configured the mail server correctly (on the Email Configuration page).
  • Ensure that the email did not end up in your mail system's spam filter.

After five failed attempts to access, the user account will be closed down and require the reset password feature to re-enable the account. After receiving the reset password email, you can navigate to the following page via the reset link:

Useranme and Password forgot password after five times failure form

This article only explained the process of logging in. If you are interested in actually setting up this page, please go to the Username&Password Authentication Connection.