Magento 1.x Security Patch Notice
For Magento Open Source 1.5 to 1.9, Magento is providing software security patches through June 2020 to ensure those sites remain secure and compliant. Visit our information page for more details about our software maintenance policy and other considerations for your business.
Password Options
The customer password options determine the email templates that are used when customers forget their passwords, and the lifetime of the password recovery link. You can allow customers to change their own passwords, or require that only store administrators can do so.
To configure customer password options:
|
1.
|
On the Admin menu, select System > Configuration. |
|
2.
|
In the panel on the left under Customers, select Customer Configuration. |
|
3.
|
Click to expand the Password Options section. Then, do the following. |
|
a.
|
Set Forgot Email Template to the template that is used for the email sent to customers who have forgotten their passwords. |
|
b.
|
Set Remind Email Template to the template that is used when a password hint is sent to customers. |
|
c.
|
Set Forgot and Remind Email Sender to the store contact that appears as the sender of the Forgot Email and Remind Email notifications. |
|
d.
|
In the Recovery Link Expiration Period field, enter the number of days before the password recovery link expires. |
|
e.
|
To require that only the store administrator can change customer passwords, set Require admin user to change user password to “Yes.” |
|
4.
|
When complete, click the Save Config button. |