The customer password options control the level of security that is used for password reset requests, determine the email templates that are used for customer notification, and the lifetime of the password recovery link.
- 1.Go to admin > Stores > Settings > Configuration.
- 2.In the left panel, expand Customers and choose Customer Configuration.
- 3.Select Password Options.
- 4.Edit your preferences and save.
- 5.Tap System > Cache Management > Flush Cache Storage.
Below, see the Password Options settings supported by ScandiPWA:
Password Reset Protection Type
Determines the method you want to use for managing password reset requests.
Max Number of Password Reset Requests
Determines the maximum number of requests that can be made.
Min Time Between Password Reset Requests
Determines the minimum number of minutes that must elapse between requests.
Forgot Email Template
Determines the template that is used for the email sent to customers who have forgotten their passwords.
Remind Email Template
Determines the template that is used when a password hint is sent to customers.
Reset Password Template
Determines the template that is used when customers change their passwords.
Password Template Email Sender
Determines the store contact that appears as the sender of password-related notifications.
Recovery Link Expiration Period (hours)
Determines the number of hours before the password recovery link expires.
Number of Required Character Classes
Determines the number of different character types that must be included in a password, based on the following character classes:
Maximum Login Failures to Lockout Account
Determines the number of failed login attempts until the Admin account is locked. For unlimited attempts, enter zero (0).
Minimum Password Length
Determines the minimum number of characters that can be used in a password. The number must be greater than zero.
NOTE! The minimum password length in ScandiPWA is 8 characters.
Lockout Time (minutes)
Determines the number of minutes an account is locked after too many failed attempts to log in.