It is security best practice - and may be a legal requirement - to ensure that only users have access when they require it. Jiglu offers several approaches to help you with such a security audit.
Viewing users that haven't recently logged in
To see what users haven't recently logged in, first choose Users from the system navigation bar. Now on the left-hand search form, select Last log in, pick the Specific date... option and click on the To field. You can now select from the pop-up calendar the cut-off date before which you wish to see inactive users.
To deactivate any of those users select the checkbox to the left of their name and then the Deactivate button at the bottom of the page.
Downloading a spreadsheet of users
If it is more convenient, you can download a spreadsheet of all the users that includes their last log-on date. First choose Users from the system navigation bar and then the Export users action on the sidebar.
The file will contain the following columns:
- Family name
- Given name
- Email address
- Join date
- Last log in date
- Whether the user is currently active
- Whether the user's email is currently active
Automatic deactivation of inactive users
If you prefer, Jiglu can automatically deactivate users that haven't recently logged in. It will send them a warning first that it is about to do this and then if they don't log in their account will be deactivated. They will then need to contact an administrator to have their account reinstated.
First choose Settings from the system navigation bar, log in with the additional administrator password and then choose the User workflow category page. There are two settings controlling this feature:
- For the setting enter after how many days you want to send users a warning, for example 90.
- For the setting enter how many days after that you want them to be deactivated if they haven't logged in, for example 14.
If either setting is set to 0 then automatic deactivation will not be used.
You can also have accounts automatically deactivated when email to them cannot be successfully delivered, see How can I have users automatically deactivated when email to them bounces?