Feature #4370: Expire passwords on accounts created by administrators - Redmine

Actions

Copy link

Feature #4370

closed

Expire passwords on accounts created by administrators

Added by Colan Schwartz over 15 years ago. Updated over 10 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Category:

Accounts / authentication

Target version:

Start date:

2009-12-09

Due date:

% Done:

Estimated time:

Resolution:

Duplicate

Description

When a user account is created by an administrator, a plain-text password is sent over the network. Users should be forced to change their passwords in this situation, but there is currently no means by which to enforce this.

The standard way to enforce this is to expire user passwords when they first log into the system so that they must change their passwords. This way, if anyone else digs up a user's initial password later and tries to use it, it will be useless.

Updated by Colan Schwartz over 10 years ago

Status changed from New to Resolved

Updated by Jean-Philippe Lang over 10 years ago

Status changed from Resolved to Closed
Resolution set to Duplicate

Actions

Copy link

Also available in: Atom PDF

Project

General

Custom queries

Profile

Redmine

Feature #4370

Expire passwords on accounts created by administrators

Updated by @ go2null over 10 years ago

Updated by Colan Schwartz over 10 years ago

Updated by Jean-Philippe Lang over 10 years ago