Skip to main content
OCLC Support

Set password directly

  1. Last updated
  2. Save as PDF
Learn how to use Reset Password to allow users to set and reset passwords in Folio.

The Reset Password facility enables you to allow your users to set and reset their own passwords, so that library staff do not need to set the users’ passwords initially, and so that your users don’t have to divulge their password to library staff in order to log into Folio and use the end user services such as reservations and renewals.

The Reset Password facility can be configured in one of two ways:

  • to send an email containing a temporary password to the user, which the user then uses to log into Folio and set or reset his/her password on the Account Details screen
  • to prompt the user to set or reset his/her password directly

The second option is described here. The first option is a much more secure option. To do this see Set /Reset with Temporary Password

Workflow in Folio

Depending on the settings below, users can create their own password in the following circumstances:

  • at any time
  • or if the User record password field is NULL
  • or if the User's email address / mobile number is NULL

For example:

User clicks the Set/Reset/Forgotten Password link:

image1178.jpg

Folio responds:

Please enter your user barcode and click 'Continue' to proceed.

On entering their barcode, Folio responds:

Please provide the requested information to confirm your identity, and click 'Continue' to receive a temporary password

The user enters e.g. their email address as requested and Folio responds:

Please enter a new password, twice, and click on the save link to use this for future logins.

The user enters a password and password confirmation. They can then continue to use Folio as normal.

You can set up various configuration options to allow users without passwords to click the Set/Reset/Forgotten Password link and to answer security questions. They can then reset their own password or create their own password for the first time.

First configure the login option and login form if you have not already done so.

Enable login option on the Folio menu

To make the Login option display at the top of the Folio screen, you need to check this setting is enabled, or enable it

  1. Go to OPAC> Configuration Settings.
  2. Use the search Folio Configuration Settings by Setting to find allow_login.
  3. If the setting does not exist, click New Record to create it.
  4. Edit the following fields to include these values:
field Value
Ini File / Config Block g_menu
Value "Y" (encase in double quotes)
Include Yes

 

To specify the name of the Login option

  1. Go to OPAC> Configuration Settings.
  2. Use the search WebView Configuration Settings by Setting to find page_title_login.

  3. If the setting does not exist, click New Record to create it.

  4. Edit the following fields to include these values:
field value
Ini File / Config Block login
Setting page_title_login
Value "Login" (encase in double quotes)
Include Yes

Password configuration on the login form

The following settings are required to configure the login form correctly. Note these are WebView settings

  1. Go to OPAC> Configuration Settings.
  2. Use the search WebView Configuration Settings by Setting to find the following settings.
  3. If the setting does not exist, click New Record to create it.
  4. Edit the following settings to include these values:
Setting Purpose Fields Values
password_required

Make the Password field mandatory on the Login form and set the text to display if someone is logging in without entering a password.

Note: Users without passwords in their User record will then no longer be able to log in.

The Login form will show a mandatory password field (*) as soon as the user clicks the Login option.

 Ini File / Config Block login
Setting password_required
Value "You must enter a password to log in. If you have not yet set your password, ask a member of library staff for the temporary password, then click the Set/Modify Password link to set your own password"
Include? Yes
password_reset_link Define the text of the Set/Modify Password link Ini File / Config Block login
Setting password_reset_link
Value "Set/Reset Password?" or "Forgotten Password?"
Include? Yes
password_reset_allowed

Configure the Login form to display the Set/Modify Password link

 Ini File / Config Block login
Value true
Include? Yes

 

Changes take effect in Folio immediately.

Configure reset defaults and validation details

This is how you set the system to prompt the user for some information to validate themselves.

  1. Go to System Administration> OPAC Defaults.
  2. Edit the Password Reset Options:
Field Description
Min. Validity (mins) Minimum time allowed between password resets
Max Validity (hours) Temporary password validity (before it gets ignored)
Temporary password complexity Letters only, numbers only, both, anything printable
Length Temporary password length
Potential validation fields

List of user fields to validate the password reset request. One or more from the following ending in semi-colon:

email;postcode;phone;note1 [up to note10];copy;balance;

(Email · postcode (for any address) · last 4 digits of phone number (home, office or mobile) · borrowers.note1-10 (labelled as security questions on account details) · barcode of an item currently on loan · outstanding balance)

Optional : you can also include any column name from the BORROWERS table by adding “_” (underscore) to the column name. For example fname_ for the user’s forename. In addition, a more user-friendly label is preferably created for this in g_forgotten_password (fname_label setting) such as “Forename”. See Label settings below.

A system secret string (see below*) can be entered instead of or as well as other validation fields. To use this, enter the text

secret;

...followed by semi colon.
No. Fields to request Enter the number of user fields to request that should be validated, e.g. 2
No. Fields to validate Enter the number of user fields to actually require correct validation (at least 1)
Password Reminder Field Optional configuration of a field (e.g. one of the note fields) for the user to store a password reminder comment. If this field is populated, display it as a hint for the password field on the login form. Do not allow the password reminder and the password to have the same value.
System Secret String* A general password that you regularly update, e.g. weekly. This will be the string required if you include secret as a potential validation field.
Preferred Notice, Alternative Notice To User Select a preferred alert notice to use and an alternative (if the user does not have suitable contact information for the preferred notice)
Notice to Library Select the notice that will be used if the user does not have suitable contact information for either notice.

For example, entering email will prompt them to enter one of the two email addresses that have been added to the Email field in their user record (which will be separated by a semi-colon with no spaces, e.g. john.smith@myorg.com;john.smith123@yahoogoogle.com)

Once you have configured which field or fields to present to the user, enter the number of fields to present to the user in No. Fields To Request. Enter the number of fields to actually validate in No. Fields To Validate. For example, you could configure it to present three fields but only ask for any one of those fields to be completed, by entering 3 in No. Fields To Request and 1 in No. Fields To Validate.

If you have included secret in the Potential Validation Fields, enter the temporary password in System Secret String. (The System Secret String should be changed as frequently as is deemed necessary, e.g. at the start of each week.)

If you have included email in the Potential Validation Fields, you must also include a mailid option in the usdetails array. Without this setting, the Email field will not be displayed on the validation screen that is displayed when the user uses the Set/Reset Password facility. (Using Folio Configuration Settings by Setting search for usdetails to display the list; set Include=Y).

Optional Label settings

For each field that you have included in the Potential Validation Fields field in OPAC Defaults, you will need an xxxxx_label setting in g_forgotten_password, where xxxxx is the field mnemonic, e.g. email_label.

Before creating a new setting, search for the xxxxx_label setting in the Folio Configuration Settings by Setting search to confirm that it hasn’t already been added. If there is no setting with that name, create a new one, e.g.

Field Value Description
Interface 1  
Ini File / Config Block g_forgotten_password.  
Setting email_label  
Value "Enter your student email address" Enter the field label / prompt that you prefer
Value2 "hidden" If you want the users’ input to be obfuscated whilst they are entering it, set Value 2 to “hidden”. If Value 2 is not set to “hidden”, the users’ input will be displayed in plain text.
Sequence 1 4565 Enter a random high number
Sequence 2 0 Enter zero
Include Yes  

Folio will now ask for the user's email, as follows:

Enter your student email address

Configure the Folio password entry field and confirmation field

If you want users to be able to change their password on the Account Details screen once they have successfully logged into Folio, you will also need to make these configuration changes.

  1. Go to OPAC> Configuration Settings.
  2. Select the search Folio Configuration Settings by Setting.
  3. Search for usdetails to display the options in the hitlist.
  4. Modify the one that relates to the password field (with “password" at the beginning of the Value field).
  5. Set Value to 
    "password E <view>Password</view><edit>New password:<br/>Confirm password:</edit>".
  6. Ensure that Include? = Yes, and save your changes.

Note: the above example includes the HTML line break tag (<br/>) immediately preceding the Confirm password string. Do not remove it.

(The text between the <view>…</view> tag is displayed when the Password field is displayed in read-only mode. The text between the <edit>…</edit> tag is displayed when the Password field is displayed in modify mode, i.e. after the user has double-clicked Password).

Other set/reset/forgotten password settings

More options are available in g_forgotten_password:

  1. Go to OPAC> Ini Files / GCBs.
  2. Search for g_forgotten_password and click to display details.
  3. Click one of the links to go to the setting you want to change (see below).
  4. Switch to modify and set Include= Yes to implement it.

Enable the option to allow users to set their password for the first time

  1. Go to OPAC> Configurations Settings.
  2. Use Folio Configuration Settings by Setting to search for these settings.
  3. Set Include?= Yes.
Setting Config block Value Include? Result when user clicks "Forgotten Password" / "Set/Reset Password"
first_password g_forgotten_password "ask user" Y When Folio is reloaded, if the User record has password = NULL, the Set/Reset/Forgotten Password link on the Login form will ask the user to create a new password.
temp_password g_forgotten_password Y

When Folio is reloaded, users will always be able to click the Set/Reset/Forgotten Password link even if he/she already has one, and will be given the option to create their own new password.

If Include =N, Users can still be prompted to create their own password in certain circumstances, if one of the other settings below are configured.

Change the text of the headings for the various pop-up dialog boxes

  1. Go to OPAC> Configurations Settings
  2. Use Folio Configuration Settings by Setting to search for these settings.
Setting ID Setting Config block Include? Text displayed to user Description
605882 passreset_page1_heading g_forgotten_password Y Please enter your user number and click ‘Continue’ to proceed Edit the text in double quotes in the Value field if you need to change the text displayed to the user
605881 passreset_page2_heading Y Enter the temporary password and click ‘Continue’ to set your own personal password This should be changed so that it relates to the fields that you have configured the system to prompt for
605883 enter_new_password Y Please enter a new password and click on the Save link to use this for future logins Edit the text in double quotes in the Value field if you need to change the text displayed to the user

 

Settings if the user is missing details

If any user records could be missing contact details, these settings allow the user to create a password directly in Folio:

Setting Config block Value Include? Missing details Result when user clicks Set/Reset/Forgotten Password
no_email_option g_forgotten_password "ask user" Y

Email might be your preferred way to communicate when the User clicks Set/Reset/Forgotten Password. If the User details do not include email address, this setting allows the user to create a new password directly in Folio.

The User enters their barcode and other validation details when prompted. Normally OLIB would email / send sms with a new password, but because these user details are missing Folio asks the user to create a new password themselves:

Please enter a new password, twice, and click on the Save link to use this for future logins

i.e. User creates their own password in these circumstances even when temp_password is set to No.

When the user specifies a new password, the Folio session will be logged in and he/she will be able to use Folio as normal.
no_sms_option "ask user" Y

SMS might be your preferred way to communicate when the User clicks Set/Reset/ Forgotten Password. If the User details do not include mobile number, this setting allows the user to create a new password directly in Folio.

 
ask_if_no_contact_info true Y OLIB will allow the User to create their own password in Folio if the User details are missing both email address and mobile number.

 

Settings for the messages to user

When Folio displays a message to the user, the text comes from various Folio settings. If preferred, you can change the text of these messages:

Setting Config block Value Include? Description
enter_new_password g_forgotten_password "Please enter a password twice and click on the Save link to use this for future logins." Y Set this to a message that will appear above the prompt to enter the new password. Encase in double quotes.
password_refer_to_library "You must contact the library in order to reset your password."
password_unrecognised_barcode "The user ID that you entered is not recognised. You must contact the library for them to assign you a valid user ID". If the user enters an unrecognised barcode when prompted, Folio displays this message. If you want to change the message, create this setting in OLIB, with your preferred text contained in the Value field in double quotes. (Sequence 1=1, Sequence 2=0).

Logging in for the first time

This completes the configuration for set/reset password directly in Folio. A newly-registered user can now set his/her personal password in Folio as follows:

  1. If secret is one of the mandatory potential validation fields, obtain the current temporary password from a member of staff.
  2. Click the Set/Reset/Forgotten Password link on the Login form.
  3. Enter your library barcode and click Continue (or hit Enter).
  4. Enter the temporary password and/or other fields as required, and click Continue. Note that the temporary password field is case-sensitive.
  5. Enter your new personal password in the New Password field and again in the Confirm Password field, and click the Save icon on the left just below the Confirm Password field.