New User Accounts
Enables users to create their own account via web interface.
Lost Password
Activates lost password feature for users. If “no” is selected here, the password can only be changed via the admin interface.


Normally, especially when using LDAP, you might want to consider to disable both above options, because you’d normally do that via LDAP.


This section allows you to define password requirements for the local user accounts.


Zammad does not allow you to change your LDAP password, instead, it will set a password in it’s local database which might confuse your users. This will be addressed in the future by #1169 and #2389.

Maximum failed logins

You can choose a value between 4 and 20. This defines how often a login to a user account may fail until Zammad will lock it. Please note that via UI the only way to unlock a user account is to change the password (either as admin or via password reset function (if enabled)). The default value is 10.


You can also unlock an account via console or API.

2 lower and 2 upper characters

You can add complexity into passwords by enforcing at least 2 upper and lower case characters. The default value is no.

Minimum length

This defines the minimum password length required (from 4 to 20). The default value is 6.

Digit required

This enforces your users to at least use one digit with his password. The default value is yes.

Third-Party Applications

Third party authentication is a great way to help your users to login to Zammad easier. If the account is yet unknown, Zammad will create a new user automatically, without the user needed to interact (e.g. type in his name). Another big advantage of this feature is that your user doesn’t need another password to remember.


We’re currently missing documentation for the following login providers:

  • LinkedIn
  • Generic OAuth2
  • Weibo