Modify ↓
Opened 13 years ago
Closed 9 years ago
#9941 closed defect (worksforme)
Reset password still valid after first login
| Reported by: | rinon | Owned by: | Steffen Hoffmann |
|---|---|---|---|
| Priority: | low | Component: | AccountManagerPlugin |
| Severity: | normal | Keywords: | needinfo password reset |
| Cc: | Ryan J Ollos | Trac Release: | 0.12 |
Description
After a user (or admin on behalf of the user) resets their password, logs in with their temporary password and is forced to change their password, the user is still able to log in later with that temporary password. Shouldn't AccountManager clear out any password_reset attributes on password change?
Attachments (0)
Change History (4)
comment:1 Changed 13 years ago by
| Cc: | Ryan J Ollos added; anonymous removed |
|---|
comment:2 Changed 12 years ago by
| Keywords: | needinfo added |
|---|
comment:3 Changed 12 years ago by
| Priority: | normal → low |
|---|---|
| Type: | enhancement → defect |
Ping. Could you prove your point somehow. I can't reproduce the reported behavior, and there's not much to be done about this without knowing, there really is a hidden issue.
comment:4 Changed 9 years ago by
| Resolution: | → worksforme |
|---|---|
| Status: | new → closed |
Closing due to 3 years with no reply.
Note: See
TracTickets for help on using
tickets.
This shouldn't apply to current code in
trunk, meant as candidate foracct_mgr-0.4.Please re-check, but watch out for upgrade notes, that explain component name changes (and related activation caveats) as well as changed options for file-based authentication stores.