Umbraco Security Settings

Password settings

The settings for Umbraco passwords are configurable in appsettings. There are two different configuration objects - One for Umbraco Members and one for Users.

For more information see the .

Password reset settings

Umbraco backend users can reset their own password, or if they try too much, have a locked out account.

To deactivate the User password reset look at the section.

To configure password reset verify the section.

Other security settings

If set to false this can be used to try to render pages in a way that they are not supposed to
If set to false this can be used to do an enumeration of the nodes in your website and find hidden pages.
Umbraco Forms: AntiForgeryToken and DisableFormCaching

PreviousUmbraco Security Hardening NextSensitive data

Last updated 5 months ago

Was this helpful?