Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Password Expiry Controls #2891

Closed
julianlam opened this issue Mar 24, 2015 · 3 comments
Closed

Password Expiry Controls #2891

julianlam opened this issue Mar 24, 2015 · 3 comments
Assignees
@julianlam
Labels
enhancement
Milestone
0.7.0

Comments

@julianlam
Copy link
Member

For security purposes (and @tedr56, you may feel the same), it may be advantageous to set a system-wide password policy in order to force users to reset their password after a certain number of days.

The real reason I suggest this is so automated setups can set a random password (or no password at all), followed by an enforced password reset upon initial login.
@julianlam julianlam self-assigned this Mar 24, 2015
@julianlam julianlam added this to the 0.7.0 milestone Mar 24, 2015
@julianlam
Copy link
Member Author

Tasks

  • User password reset should automatically log you in after changing it Impossible to do
  • New passwordExpiry unix timestamp, default is 0 (unless password policy dictates otherwise)
  • On login:
    • If passwordExpiry !== 0 and < current time, generate reset code and redirect user to that page

julianlam added a commit to NodeBB/nodebb-theme-vanilla that referenced this issue Apr 1, 2015
@julianlam
expiry notice for NodeBB/NodeBB#2891
976d2c0
julianlam added a commit to NodeBB/nodebb-theme-persona that referenced this issue Apr 1, 2015
@julianlam
expiry notice for NodeBB/NodeBB#2891
7cecfe2
@teotikalki
Copy link

I was just about to file a feature request for the ability to set password expiration/ flag an account such that the user must change their password at next login.
I can't currently find the expiration functionality (running 1.10.2) and do not see mention of the 'change password at next login' at all. Should I file a new Issue for this?

@julianlam
Copy link
Member Author

@teotikalki We have these options exposed under Settings -> User:

image

@teotikalki teotikalki mentioned this issue Mar 19, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@julianlam julianlam

Labels
enhancement
Projects
None yet
Milestone
0.7.0
Development

No branches or pull requests
2 participants
@julianlam @teotikalki