Reader password security

If you're using reader accounts in any of your knowledge bases, you'll need to set up your Reader Password Security. This helps to determine:

  • Whether readers will administer their own passwords or if one of your admins will manage them
  • How many failed password attempts are allowed
  • Whether users can log in as readers
  • If readers must be accessing your knowledge base from a specific list of IP addresses

These settings are account-wide across all of your knowledge bases, though you have some options to override them in individual knowledge bases.

To review and set up these settings:

  1. Go to Your Account > Readers.
  2. When the Readers page opens, click on the Settings tab. The Reader Password Security section will display at the top:
    Reader Password Security in Your Account > Readers > Settings
  3. Password Management: Choose whether you want to manage reader passwords or have them manage their own. Self-administered passwords are the default password management option. We recommend self-administered passwords because few people have time to deal with forgotten password issues. This is an account-wide setting but can be overwritten on individual knowledge bases for accounts with multiple knowledge bases under Settings > Security. See What's the difference between admin managed and self-administered reader passwords? for more information.

    If you're using self-administered passwords, you'll also want to review the Self-Administered Reader Options, the Reader Welcome Email, and the Reader Password Reset email settings.

  4. Password Attempts: Choose whether or not you want to allow unlimited password attempts. By default, reader accounts are locked for 20 minutes following 3 unsuccessful attempts.
  5. User Logins: Choose whether to allow KnowledgeOwl users to log in as readers (recommended; on by default).
  6. Restricted IP Protection: Optionally restrict reader logins to a specific IP address or list of IPs as a form of two-factor authentication (password AND IP address).
  7. Case insensitive Logins: If using admin managed passwords, choose whether or not you want the usernames to be case-sensitive.
  8. Click the Save button at the bottom of the screen to save your changes.