Revision [12595]
This is an old revision of SecurityInfoES made by YanB on 2006-01-10 21:51:16.
Security in Wikka
General thoughts
Wikka SystemRequirements requires a webserver and mysql to work. To have a secure wikka you have to make sure that only authorized people have access to the files in the wikka-directory and to the mysql-database in which wikka is stored.For security tips and options refer to the manual of your webserver software.
Password security
Every user on a wikka has a password to protect his/her account. This password is chosen upon the account RegisterInfo registration and can be subsequently UserSettingsInfo modified by the user.Because knowing your password can enable someone to act in your name, you should choose it carefully (this is especially true for admins, who have WikkaAdmin more possibilities than normal users)
- On wikka installs, passwords have to be at least 5 characters long. A longer password is recommended.
- Do not use only letters: use also specialchars and numbers (as of 1.1.6.0 you have to escape the $ in the password, so you have to type \$ instead. This will change in later versions)
- Do not use your (user)name, not even partly
- Do not use a word existing in a dictionary
- ...
CategoryDocumentation
