Authentication FAQ
What is an authentication plugin?
An authentication plugin is a method of handling user authentication i.e. enabling certain people to login to your Moodle site.
How do I enable the "Create new account" button on the login page?
To display the "Is this your first time here?" instructions and the "Create new account" button:
- Make sure that the email-based self-registration plugin (or any other plugin that can support self-registration, such as LDAP) is enabled in Administration > Users > Authentication > Manage authentication.
- Select the self-registration plugin in the common module settings.
Warning: Enabling self registration results in the possibility of spammers creating accounts in order to use forum posts, blog entries etc. for spam. See Reducing spam in Moodle for ways of minimizing the risk.
How can I change the "Is this your first time here?" instructions?
- Access Site administration block> Users > Authentication > Manage authentication.
- Write the instructions in the auth_instructions text field.
- Click the "Save changes" button at the bottom of the page.
If your site caters to more than one language you can edit the language via Site administration > Language editing. Choose the languages (one at a time) and click "edit words or phrases". Choose "file to edit" : moodle.php Go to the string called "loginsteps" and put in the instruction text you want (for that language). Then repeat for the other languages you want offered.
How do I set up LDAP authentication?
See LDAP authentication for full instructions.
How is the "No login" authentication plugin used?
The No login authentication plugin can be used to suspend particular user accounts. To do so:
- Access the user's profile page.
- Click the edit profile tab.
- Select "No login" as the authentication method. (If the setting isn't shown, click the "Show advanced" button to reveal it.)
- Click the "Update profile" button at the bottom of the page.
Since upgrading, users are reporting that they can no longer login. What should be done?
If users are unable to login following an upgrade to 1.8 or 1.9, then most likely their account authentication method, such as Email-based self-registration, requires enabling in Administration > Users > Authentication.
Note: The No authentication (none) type should not be enabled on any production server. You can use phpmyadmin to convert all existing accounts created with 'none' to 'manual' or an admin can change the authentication type in Edit profile.
What is the difference between enabling the email-based self-registration auth plugin and selecting it as the self registration method?
The email-based self-registration authentication plugin must be enabled to allow users who previously self-registered to login.
Selecting email-based self-registration as the self registration method allows potential users to self register.
Warning: Enabling self registration results in the possibility of spammers creating accounts in order to use forum posts, blog entries etc. for spam. This risk can be minimized by limiting self registration to particular email domains with the allowed email domains setting in Administration > Users > Authentication > Manage authentication (or in Administration > Server > Email prior to Moodle 1.9). Alternatively, self registration may be enabled for a short period of time to allow users to create accounts, and then later disabled.
How can I create an authentication plugin?
See Development:Authentication plugins.
How can students without email addresses have Moodle accounts?
See No Email.
Where are users' details stored?
Users' details can be stored in local Moodle database or externally.
If Users' details are stored in local Moodle database, it indicates as internal authentication. Storing users' details externally would be indicate as external authentication.
See Manage authentication for more information.
See also
- Using Moodle User authentication forum