All Collections
Librarian FAQs
Security and Privacy
Lean Library Dashboard: Password & User Management
Lean Library Dashboard: Password & User Management

This article details Password Requirements & User Management for our admin environment

Daniel Horvath avatar
Written by Daniel Horvath
Updated over a week ago

Password Requirement

To enhance the security of your dashboard, we have now adjusted the requirement for the password:

  • at least 8 characters

  • uppercase and lowercase letters

  • a number and special character

Forget password

If in the event that you have lost your password, you can click "Forget Password". Once you have done so, you will receive a link in your email for you to reset it. The reset link will be valid for 20 minutes.

2-Factor Authentication

If you would like to enable 2-Factor Authentication, please read this article and follow the instructions and enable this setting for your dashboard.

Brute Force Protection

We protect your admin account against brute force attacks. After a number of unsuccessful login attempts within a set time period, your account will be locked. If that should happen to you, please contact for help.

Session Time Out

After 30 minutes of inactivity, we will automatically terminate your admin session and you will be prompted to log in again.

Requesting a new Admin User

In case your institution requires additional admin users to be setup, please contact

Requests will only be accepted from the primary account contact, as communicated during initial setup.

Passwords will be emailed only to the new account holder and must be reset upon first login.

How Do You Secure My Password

We do not store your password, but store something known as a password hash, which utilises a salt to increase entropy. Additionally, the hashing algorithm has a "cost" applied, which defines the number of iterations the hashing algorithm completes before returning the hash, which we then store.

All traffic between the admin environment and your browser is encrypted through the https protocol.

While we do everything in our power to protect access to your admin area, please remember that it is vital to not re-use passwords between sites and to pick a password that is sufficiently random and doesn't follow an easy-to-guess pattern.

If you are an end user of our extension, we would like to assure you that we do not store passwords for you at all and will never ask you to enter your password on a Lean Library site.

Did this answer your question?