Authentication
Warden supports username/password login and optional Single Sign-On via Google OAuth.
Initial Setup
Section titled “Initial Setup”When you first launch Warden, you’ll be prompted to create an admin account. This is the only time a user can be created without an existing admin.
Requirements for the initial admin account:
- Username — lowercase, alphanumeric, dots, dashes, and underscores (max 32 characters)
- Password — minimum 8 characters, at least one digit and one special character
Logging In
Section titled “Logging In”Enter your username and password on the login page. Sessions last 30 days and are stored as secure, HttpOnly cookies.
If your admin has configured Google SSO, a Sign in with Google button appears on the login page. See SSO for details.
Changing Your Password
Section titled “Changing Your Password”- Click your avatar in the top-right corner
- Go to your profile settings
- Enter your current password and your new password
- Save
When you change your password, all your other active sessions are automatically invalidated. Your current session stays active.
Updating Your Timezone
Section titled “Updating Your Timezone”From your profile settings, you can change your timezone. This controls how dates and times are displayed throughout the dashboard.
Brute-Force Protection
Section titled “Brute-Force Protection”Warden automatically locks out repeated failed login attempts:
- Per IP — too many failures from the same address triggers a temporary lockout
- Per username — protects individual accounts from targeted attacks
In production, login is limited to 10 attempts per minute per IP. After that, you’ll need to wait before trying again.