How to Configure Password Requirements by Patron Category

Managing Patron Categories

Patron Categories are created and configured in Administration > Patrons and Circulation. The configuration allows the library to define default settings that are applied at the time of registration. 

Passwords


Libraries can specify which patrons are allowed to change their password when logged into the OPAC, per patron category. Often a library that uses authentication for their patrons, like LDAP or Active Directory, still have a few categories that do not use authentication and just require local login. For example, an academic library may use single sign on for their students and faculty, but community members may just need a local login.

System Preferences

The first thing you will want to do is check your system preference for OpacPasswordChange.

Go to Administration > Global System Preferences
  1. Search for OpacPasswordChange
  2. There are 2 options
    1. Allow patrons to change their own password on the OPAC. Note that this must be off to use LDAP authentication.
    2. Don't Allow patrons to change their own password on the OPAC. Note that this must be off to use LDAP authentication.
Choose one and save.

Password Expiration

Password expiration settings can be defined at the patron category level.

The system preference, EnableExpiredPasswordReset, is introduced in this release as well, which would allow the library to give/don't give the ability for patrons to directly reset their password when it is expired. If not enabled patrons must either use the 'Forgot your password' feature or have staff reset their password. *See below on how to manually send a "password reset email".

System Preference, OpacResetPassword, is also a system preference that can be enabled or not enabled to allow patrons to reset their password.

Patron Categories

Next you will want to update your patron categories that you want to allow or not allow to log in to the OPAC.
  1. Go to Administration > Patrons and circulation > Patron Categories
  2. Select the category you want to update / change
  3. Under actions click edit
  4. Scroll down and you will see an option for Password change in OPAC:
  5. There will be 3 options
    1. Follow the system preference for OPACPasswordChange. (Either allow or don't) it will just follow the system preference.
    2. Allowed - this specific patron category can change their password even if the system preference is set don't allow.
    3. Not allowed - this specific patron category can not change their password even if the system preference is set to allow.
  6. Min Password Length: If a library would like to make this patron category's password length different from the System Preference, they could set a number in this field. This would make this patron category need to have a longer or shorter password length.
  7. Require Strong Password: A few options exist for this one, a library can choose to have this follow what the library has in the system preference, set it to YES or set it to NO.
  8. Add the number of days for a password expiration.
Click Save.

Automatically Update Patron Categories

Koha can run a cron job to automatically update patron categories from one category to another. This is especially helpful when updating a child patron to an adult patron category when the child reaches the upper age limit defined in the patron category. In order for this to work, the patron category must have the upper age limit set in the patron category. Other triggers can be applied such as updating a patron category when a patron has a certain amount of fines associated with their account. The cron can specify specific branches of a multi-branch installation.

Sending Patron Account Expiration Notices

In 25.05, Koha added a 'Patron account expiry' notice option to patron category defaults. This notice sends when patron accounts are nearing expiration according to the number of days in the MembershipExpiryDaysNotice system preference and the library is running the membership_expiry.pl cron.

Before 25.05, per-patron category settings had to be set directly in the cron. Now, newly-created patrons will have 'Patron account expiry' notice selected according to the default selections set in their patron category. 

Info
Note for ByWater Solutions partners: At the time of upgrade to 25.05, ‘Patron account expiry’ was added to patron category defaults and existing individual patron account messaging preferences if MembershipExpiryDaysNotice was in use. 
Warning
Be aware that settings in the membership_expiry.pl cron supersede an individual patron's message selections. For instance, if your library set the cron to exclude patrons in the CHILD category, but an individual CHILD patron elects to receive the message, they will not receive the notice. ByWater Solutions partners who are unsure whether any settings are in their membership_expiry.pl cron should submit a ticket. 
Alert
As with other notice selections in patron category defaults, selecting ‘Patron account expiry’ for a patron category will only affect newly-created patrons, but it will not update existing patrons. ByWater Solutions partners can submit a ticket requesting that we update this message selection for existing patrons if you wish to start using this message.

There is also a new ‘Enforce patron account expiry notice’ option in patron category settings: ‘Make the account expiry notice mandatory for all patrons in this category and prevent patrons from opting out in the messaging preferences’. This is set to No by default for ByWater Solutions partners. If this is set to Yes, patrons will receive the notice based on the settings in their patron category, and the ‘Patron account expiry’ notice option will not show in patron accounts in the staff interface or in the OPAC. Also, once ‘Enforce patron account expiry notice’ is set to Yes for a given patron category, the ‘Patron account expiry’ message line will no longer show in that category. To edit its selections, libraries must first set ‘Enforce patron account expiry notice’ to No to un-hide the ‘Patron account expiry’ line.

Warning
For Aspen libraries, the ‘Patron account expiry’ notice will show in patron accounts even when ‘Enforce patron account expiry notice’ is set to Yes. ByWater Solutions partners can submit a ticket requesting that we hide this message line.

    • Related Articles

    • Passwords in Koha

      Koha has several system preferences and patron category customizations for setting up and keeping passwords up to date. minpasswordlength - how long should the password be - at a minimum! RequireStrongPassword - a strong password for staff and ...

    • Managing Patron Accounts

      Koha has many options and tools for managing patron accounts. Customize the Patron Registration Form Libraries can customize which patron fields display on the form, which fields are mandatory and which fields are collapsed within the patron detail ...

    • Setting Up Patron Clubs in Koha

      In this Koha Tutorial we will show you the new feature in Koha for Patron Clubs. This features adds the ability to create clubs in which patrons can enroll. It is particularly useful for tracking summer reading programs, book clubs, etc. Permissions ...

    • Managing Patron Accounting

      The patron accounting tab in the patron account is where all financial transactions for a patron are handled and recorded. Refund Lost Returns A system preference allows you to specify the number of days a refund will not be issued when a lost item ...

    • Patron Privacy

      Libraries perpetually balance our patrons' right to privacy against our organizational need for usage data. The best way to ensure patron data is not compromised is to not keep it in the first place, but we need some level of data to ensure we know ...