Wiki source for SecurityInfo

Show raw source

=====Security in Wikka=====

===General thoughts===
Wikka [[SystemRequirements | requires a webserver and mysql]] to work. To have a secure wikka you have to make sure that only authorized people have access to the files in the wikka-directory and to the mysql-database in which wikka is stored.

For security tips and options refer to the manual of your webserver software.

===Password security===
Every user on a wikka has a password to protect his/her account. This password is chosen upon the account [[RegisterInfo | registration]] and can be subsequently [[UserSettingsInfo | modified]] by the user.

Because knowing your password can enable someone to act in your name, you should choose it carefully (this is especially true for admins, who have [[WikkaAdmin | more possibilities]] than normal users)

- On wikka installs, passwords have to be at least 5 characters long. A longer password is recommended.
- Do not use only letters: use also specialchars and numbers (as of you have to escape the ##$ ## in the password, so you have to type ##\$## instead. This will change in later versions)
- Do not use your (user)name, not even partly
- Do not use a word existing in a dictionary
- ...

Valid XHTML :: Valid CSS: :: Powered by WikkaWiki