Guardian protects specified Users a.k.a. 'guarded users' from logging in with a username and password and changes to the login data (username or password).
To login with a guarded user, login is possible with drush uli [uid]
or a password reset url.
In this way there will be no need to store and share complex passwords within your organization.
Installation
Developers
To install the module, make sure that the user 1 account has the correct mail address and that the mail address is the same as the field init in your user database table.
System Administrators
System administrators need to assign a shared inbox or group mail address for development teams to receive the password reset mail. If a person is leaving the project, only access to the webserver and the shared inbox needs to be denied to secure the website for user 1 access.
Usage
- Use drush to request a one time login url:
drush uli [uid]
- Access the password reset form:
/user/password
Difference between the branches
- 2.x Requires Drupal 9.4 or higher, open for new features
- 7.x-1.x Only bug fixes for Drupal 7
Project information
- Module categories: Security, Access Control
- 87 sites report using this module
- Created by Tess Bakker on , updated
- Stable releases for this project are covered by the security advisory policy.
Look for the shield icon below.
Releases
Bumped minimum Drupal Core version to 9.4.0 due to https://www.drupal.org/node/3000490
Development version: 2.x-dev updated 26 Jan 2023 at 14:26 UTC
Bug fix and code style fixes
Pre-release version: 7.x-1.4-rc1 released 7 Apr 2017 at 15:08 UTC
Development version: 7.x-1.x-dev updated 24 May 2017 at 08:18 UTC