Advanced User Settings

To modify advanced user settings, you can go to Control Panel > User & Group > Advanced. The options below are available.

Password Settings

You can set up the settings related to password security and strength rules for users on your Synology NAS.

To allow users to reset forgotten passwords via email:

1. Tick the Allow non-admin users to reset forgotten passwords via email checkbox.
2. Click Apply to save settings.
3. The link marked "Forgot your password?" will display on the DSM login page. Once the password is forgotten, the user can click this link and enter the username. In this case, the system will send this user an email containing a link to reset the forgotten password.

To force users to change password upon password reset:

1. Tick Force password change after the administrator resets user password.
2. Click Apply to save settings. When the administrator changes the password for a user, the user is required to change his or her password upon next login.

To enable password strength rules:

1. Tick the Apply password strength rules checkbox.
2. Tick or untick the following options according to your needs:
   • Exclude name and description of user from password: The password must not contain the user name or the user description. But UTF-8 encoded characters are excluded.
   • Include mixed case: The password must contain both upper and lower case letters.
   • Include numeric character: The password must contain at least one numeric character (0~9).
   • Include special character: The password must contain at least one ASCII special character (i.e., ~ ` ! @ # $ % ^ & * ( ) - _ = + [ { ] } \ | ; : ' " < > / ? , . and space character).
   • Exclude common password: Refrain users from setting common passwords, such as 123456, password, qwerty, et cetera.
   • Minimal password length: The password must be at least the value specified in the text field. The length should be a number between 8 and 127.
   • Password history: The password must be different from the previously set ones, the number of which is to be specified here.
3. Click Apply to save settings.

Password Expiration

You can enhance the security of user accounts with the password expiration function to force users to change password after the specified period of time.

To set up the password expiration schedule:

1. Tick the Enable password expiration checkbox.
2. The following options are configurable:
   • Maximum password valid duration: Specify the number of days after which the passwords expire.
   • Minimum password valid duration: Tick the checkbox to enable this function, and specify the number of days before which the users are disallowed to change their passwords.
   • Prompt users to change password upon login before expiration: Tick the checkbox to enable this function, and specify the number of days before password expiration the users will be reminded to change their passwords upon login.
   • Allow users to change password after expiration: Tick the checkbox to allow users to sign in with their current passwords having expired and change their passwords.
   • Send expiration notification emails: Tick the checkbox to notify users of password expiration via email.
3. Click Apply to save settings.

User Home

Enable user home service to create a personal home folder for each user, except for guest. All users can access their own home folder via SMB, AFP, FTP, or File Station.

To enable the user home service:

1. Tick Enable user home service.
2. If there are multiple volumes, select where you want the homes folder to be stored.
3. Click Apply.

A default homes folder will appear. This folder contains all users' home folders. Only system administrators are able to access this folder to manage all users' home folders.

To disable the user home service:

1. Untick Enable user home service.
2. Click Apply to save settings.

After the user home service is disabled, the homes shared folder will be preserved for administrator access. Users will be able to access their home folders again when the user home service is enabled again.