Managing Accounts for Your Drupal Site

Avoid Security Risks

Your account for maintaining your library’s website includes some limitations on the type of changes you can make to the website. Even with these limits, in the wrong hands, your account could pose a risk to the site. A hacker could use it to launch a cross site scripting (XSS) attack, in which they take control of the site and do whatever they want with it -- take it offline, post inappropriate content, etc.

To avoid security risks, it is important to protect your account by following these rules:

  • Use a strong password that would be difficult for others to guess -- at least 8 characters with uppercase, numbers, and punctuation.
  • Don't share the password with others, and don't keep it written on post-it notes stuck to the monitor, under the keyboard, etc.
  • Don't leave your computer unattended while you are logged in at workstations the public could easily access. Log out of the site or lock your computer if you are stepping away.
  • If you find it difficult to remember a secure password for your site, consider using a password manager like KeePass (http://keepass.info/) or PassPack (http://www.passpack.com/).

Logging In

Your account username and password will be provided. The login page can be found with the pattern:
http://www.example.com/user (replace “www.example.com” with the appropriate address for your site)
Upon login, a black/gray toolbar will appear at the top of your site with shortcut links to maintain your site.

If you forget your account password:

  1. Visit the login page for your site.
  2. Click the "Request new password" tab.
  3. Enter your username or current account email address and click the E-mail new password button.
  4. An email will be sent with single-use replacement login information. Click the link in this message to log in and set your password.

Changing Your Account Email or Other Info

To change details related to your account (password, email address, etc.):

  1. Click the link for “Hello <your username>” in the upper right corner of the black toolbar.
  2. Click the Edit tab.
  3. To change to your email address or password:
    1. Enter your current password in the Current password field.
    2. Enter your new email address or password in the E-mail address or Password field.
      1. If changing your password, enter the new password a second time in the Confirm password field.
  4. Make any other changes you require.
  5. Click Save.
  6. File Browser tab: Use this to view, upload, delete, and perform other actions on image and document files separately from creating/editing a page on your site.
  7. Click Log out in the upper right corner of the black toolbar when you are finished.