Login & Registration


Let us know by posting here.

The Login & Registration section in Concrete CMS's System and Settings is designed to manage user access, authentication, and account settings. This section is crucial for ensuring a secure and user-friendly login process.

Account Options

Account Options involve settings related to user account management and registration.

Account Management

  • Registration Settings: Control how users can register (automatic, manual approval, or disabled).
  • Email Verification: Choose whether to require email verification for new accounts.

Login Destination

This feature sets where users are directed after logging in.


  • Custom Redirect: Set a specific page or a default area where users are redirected post-login.
  • Dynamic Redirection: Option to return users to the page they were viewing before logging in.

Public Profiles

Public Profiles settings manage the visibility and content of user profiles.

User Profile Options

  • Profile Accessibility: Decide if user profiles are public and what information is visible.
  • Profile Customization: Enable users to customize their public profile settings.

Authentication Types

Authentication Types control the methods through which users can authenticate.

Authentication Methods

  • Standard and External: Options include standard Concrete CMS login or external services like OAuth.
  • Multi-factor Authentication: Implement additional security layers for user authentication.

Global Password Reset

Global Password Reset forces all users to reset their passwords.

Use Cases

  • Security Breach: Useful in situations where a security breach may have compromised user passwords.
  • Policy Update: Enforce password changes when updating security policies.

User Deactivation Settings

Manage the conditions under which user accounts are automatically deactivated.

Deactivation Criteria

  • Inactivity Threshold: Set a duration of inactivity after which accounts are automatically deactivated.
  • Reactivation Process: Configure the process for users to reactivate their accounts.

Automated Logout

Automated Logout deals with automatically logging out users after a period of inactivity.

Security Enhancement

  • Inactivity Timeout: Set the time of inactivity after which users are automatically logged out.
  • Customizable Settings: Adjust the timeout duration based on security needs.

Password Requirements

Password Requirements define the complexity and strength required for user passwords.

Password Policies

  • Complexity Settings: Specify requirements for password length, characters, and strength.
  • Password Expiration: Option to require users to change their passwords regularly.

Session Options

Session Options manage how user sessions are handled on the site.

Session Management

  • Session Duration: Set how long user sessions last before expiring.
  • Concurrent Sessions: Control whether users can have multiple sessions active at the same time.