Identification - Authentication

key.svg

Identification - Authentication

Authentication and identification is provided either

  • by management of identification and authentication integrated into DataChain

  • via the LDAP protocol

General: DataChain management (integrated) of identification and authentication

Security is built into every level of the DataChain solution.

The same is true for the rights and permissions that are applied at the level of each service consumed.

  • or by the Human-Machine Interfaces

  • or by the DataChain APIs

To be able to connect to a DataChain instance, a user must be referenced. To reference an user, go to the GenericsData module Logo GenericsData - User menu From HandleData module Logo HandleData Users Documentation.

Rules related to Identification, Authentication and user session in DataChain

  • Rule 1: To connect to a DataChain instance, an user must be referenced.

To be referenced in an instance, an user must provide the following information: Last name First name Login Password ** Valid email address (used in case of loss of password)

  • Rule 2: The login and password of an user cannot contain the following information

    • the username

    • the first name of the user

    • Date of birth data

    • phone number data

    • the information contained in the email address

      information A compliance test is performed when entering a login or password

  • Rule 3: To connect to a DataChain instance, an user must have a valid Login and Password.

  • Rule 4: The administrator can decide, during the deployment, to implement the obligation of a Double authentication. In this case, after entering a valid login and password, an email containing a numerical code will be sent to the email address of the account linked to the login. The user will then have to enter this code in order to complete and validate the connection to the DataChain solution.

  • Rule 4: The activation of an user account is linked to a period defined by an Effective date and a Revocation date.

    information Entering the two dates is the responsibility of the instance’s account manager (or administrator) DataChain.

    key.svg If an user tries to login outside of the period between the effective date and the revoked date, then the connection will be refused.

  • Rule 5: A password is valid for 90 days. Outside this period, the account of user is blocked and user can no longer connect. In this case, the user must necessarily redefine a new password.

    key.svg The duration of 90 days is a default duration. The instance administrator can change this setting.

  • Rule 6: If the user makes 3 connection attempts with incorrect information (incorrect login or invalid password) then the user account is blocked for 1 minute. (Note that theThe delay is configurable by the administrator of the DataChain) instance.

    key.svg In case of repeated connection attempts with error, on the 3rd connection an email is sent to the email address linked to the Login.

  • Rule 7: In the event of non-use (inactivity) of the interface by the user for a period of n seconds (configurable by user), the account of the user is logged out automatically. The user will have to identify itself again.

  • Rule 8: A maximum active session duration is also defined for each instance. If the connection time exceeds this maximum duration (with or without activity) then the user will be disconnected and will therefore have to identify themselves again to continue their work.

  • Rule 9: A user cannot be logged in more than once. In this case, when connecting to DataChain, a check is performed. If sessions are opened with the same Login, they will be revoked automatically.

  • Rule 10: When modifying a password, the user cannot enter one of the last 3 passwords already used before for this login.

  • Rule 11: When logging out of an user, all local information (Cookies and local Storage) is completely deleted.

  • Rule 12: In the case of the activation of Double Authentication, at each connection, an email containing a 6-digit numerical code will be sent to the email address linked to the login user . This code must be entered by the user in the login prompt.

  • Rule 13: The Date and Time of last connection is available in the bottom banner of the DataChain solution. This information gives the date and time of the last connection (before the current one) with this Login. If this date and time is inconsistent, then it is important to change the password for this login (Cf Changing the user password)

Connecting to DataChain

DataChain Connection

1 Login input area

2 Password input area. For confidentiality reasons, all characters entered are replaced by the character "*"

3 In the event that the user has forgotten his password, he can request its reset by clicking on the Password link forgot

4 Button to connect to DataChain

Forgot Password

Forgot password

In case the user has forgotten his password, he can use the Forgot password hypertext link.

The user must provide an email address. An email will be sent with a link to reset the password.

Changing user password

User account access

Changing the password is possible from the top banner of the DataChain solution.

Click on the user icon then choose the menu My Account 1.

The account management page is then displayed.

Click on the Password management button to access the password management page.

To change the password:

  • Specify your old password

  • Enter the new password

  • Re-enter your new password for confirmation.

GestionPwd.png

  • Save Changes

  • Make a new connection.

Authentication - Identification diagram

Diagram.png