Sign in to Fluid Topics - Fluid Topics - 4.3

Fluid Topics User Guide

Category
Reference Guides
Audience
public
Version
Latest

After creating an account, it is possible to sign in to the Fluid Topics portal, as follows:

  1. In the portal's header, select Sign In.

    The login page is displayed. For example, the login page for a portal that does not have an SSO authentication mechanism appears, as follows:

    Fluid Topics login form

  2. Enter the email defined during registration, for example, mmcfly@fluidtopics.com.

  3. Enter the password defined during registration.

  4. Select Sign in.

Selecting the Remember me check box keeps the user logged in for 30 days unless they explicitly log out.

OWASP compliance

The Fluid Topics login mechanism complies with the following OWASP Secure Software Development Lifecycle Requirements:

  • #2.1.11 Users can take advantage of login tools like browser password helpers and external password managers, and they can paste text in the password field.

  • #2.1.12 Users can temporarily view their masked password by selecting the eye icon in the Password field.

  • #2.2.1 Fluid Topics blocks brute-force attacks by locking accounts for 10 minutes after 3 unsuccessful login attempts, logging locked accounts, displaying a generic HTTP 401 error message on the server side when invalid credentials are submitted, providing a more helpful error messages in the UI to legitimate users who enter an invalid password, and allowing users to bypass the anti-brute-force mechanism when using the Password recovery feature.