Security settings

The security settings of your user accounts may be customised within ResourceSpace under System Configuration.

The length, complexity and frequency of expiry of your users' passwords can be configured, as can a failed login protocol, determining when a ban is placed upon a user account or IP address.

To aid in GDPR compliance, enabled by default in config.php:


provides an additional layer of security, logging users out after a predetermined period of idleness. By default this is 300 minutes, however this may be increased or decreased, or auto logout disabled, according to your requirements.