Modify

Opened 5 years ago

Closed 17 months ago

#9941 closed defect (worksforme)

Reset password still valid after first login

Reported by: rinon Owned by: Steffen Hoffmann
Priority: low Component: AccountManagerPlugin
Severity: normal Keywords: needinfo password reset
Cc: Ryan J Ollos Trac Release: 0.12

Description

After a user (or admin on behalf of the user) resets their password, logs in with their temporary password and is forced to change their password, the user is still able to log in later with that temporary password. Shouldn't AccountManager clear out any password_reset attributes on password change?

Attachments (0)

Change History (4)

comment:1 Changed 5 years ago by Ryan J Ollos

Cc: Ryan J Ollos added; anonymous removed

comment:2 Changed 4 years ago by Steffen Hoffmann

Keywords: needinfo added

This shouldn't apply to current code in trunk, meant as candidate for acct_mgr-0.4.

Please re-check, but watch out for upgrade notes, that explain component name changes (and related activation caveats) as well as changed options for file-based authentication stores.

comment:3 Changed 4 years ago by Steffen Hoffmann

Priority: normallow
Type: enhancementdefect

Ping. Could you prove your point somehow. I can't reproduce the reported behavior, and there's not much to be done about this without knowing, there really is a hidden issue.

comment:4 Changed 17 months ago by Ryan J Ollos

Resolution: worksforme
Status: newclosed

Closing due to 3 years with no reply.

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain Steffen Hoffmann.
The resolution will be deleted. Next status will be 'reopened'.

Add Comment


E-mail address and name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.