This topic describes the account password registration and logon feature of Alibaba Cloud IDaaS. This feature helps developers quickly implement user registration, logon, and password management. This topic covers account registration flows, password policy configurations, logon authentication methods, and security protection measures.
Function overview
Account + password is the most basic registration and logon method. It is cost-effective and applicable to all scenarios. Although it is not secure enough, it remains widely used today. IDaaS CIAM allows users to register and log on using a username, mailbox, or phone number combined with a password.
Prerequisite: Short Message Service configuration. In the current registration flow, IDaaS requires a verified phone number as one of the account identities. You need to configure the SMS gateway in IDaaS so that IDaaS can send text message Captcha. You can activate Short Message Service in Cloud Communication and complete the configuration within 5 minutes.
Account password registration/logon page design reference
Account password registration
Service invocation sequence diagram
For related API documentation, please contact the IDaaS product team.
Account password logon
For related API documentation, please contact the IDaaS product team.
Other related configurations
Account password protection against brute-force attacks - Captcha: To counter brute-force attacks targeting the same account, IDaaS default configurations require a Captcha generated by IDaaS after 2 consecutive failed logon attempts within 3 minutes for the same account.
Required registration information configuration: IDaaS CIAM accounts must include phone number information by default. A verified phone number must be used during registration.
Enable two-factor authentication for account password logon: For account password logon, IDaaS CIAM allows specified applications to enable two-factor authentication, using text message Captcha to verify user identity again, significantly improving access security.