Opened 5 years ago

Closed 15 months ago

#9941 closed defect (worksforme)

Reset password still valid after first login

Reported by: rinon Owned by: hasienda
Priority: low Component: AccountManagerPlugin
Severity: normal Keywords: needinfo password reset
Cc: rjollos Trac Release: 0.12


After a user (or admin on behalf of the user) resets their password, logs in with their temporary password and is forced to change their password, the user is still able to log in later with that temporary password. Shouldn't AccountManager clear out any password_reset attributes on password change?

Attachments (0)

Change History (4)

comment:1 Changed 5 years ago by rjollos

  • Cc rjollos added; anonymous removed

comment:2 Changed 4 years ago by hasienda

  • Keywords needinfo added

This shouldn't apply to current code in trunk, meant as candidate for acct_mgr-0.4.

Please re-check, but watch out for upgrade notes, that explain component name changes (and related activation caveats) as well as changed options for file-based authentication stores.

comment:3 Changed 4 years ago by hasienda

  • Priority changed from normal to low
  • Type changed from enhancement to defect

Ping. Could you prove your point somehow. I can't reproduce the reported behavior, and there's not much to be done about this without knowing, there really is a hidden issue.

comment:4 Changed 15 months ago by rjollos

  • Resolution set to worksforme
  • Status changed from new to closed

Closing due to 3 years with no reply.

Add Comment

Modify Ticket

as closed The owner will remain hasienda.
The resolution will be deleted. Next status will be 'reopened'.

E-mail address and user name can be saved in the Preferences.

Note: See TracTickets for help on using tickets.