Passwords for the Lean Library admin environment require seven characters, including at least one upper and lower case character and one number. More complex passwords are strongly recommended.
Brute Force Protection
We protect your admin account against brute force attacks. After a number of unsuccessful login attempts within a set time period, your account will be locked. If that should happen to you, please contact email@example.com for help.
Session Time Out
After 30 minutes of inactivity, we will automatically terminate your admin session and you will be prompted to log in again.
Requesting a new Admin User
In case your institution requires additional admin users to be setup, please contact firstname.lastname@example.org.
Requests will only be accepted from the primary account contact, as communicated during initial setup.
Passwords will be emailed only to the new account holder and must be reset upon first login.
How Do You Secure My Password
We do not store your password, but store something known as a password hash, which utilizes a salt to increase entropy. Additionally, the hashing algorithm has a "cost" applied, which defines the number of iterations the hashing algorithm completes before returning the hash, which we then store.
All traffic between the admin environment and your browser is encrypted through the https protocol.
While we do everything in our power to protect access to your admin area, please remember that it is vital to not re-use passwords between sites and to pick a password that is sufficiently random and doesn't follow an easy-to-guess pattern.
If you are an end user of our extension, we would like to assure you that we do not store passwords for you at all and will never ask you to enter your password on a Lean Library site.