Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-22739

Setting password to 'changeme' forces password change but this doesn't make sense for auth plugins that can't change the password

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.9.9
    • Fix Version/s: 2.0
    • Component/s: Authentication
    • Labels:
      None
    • Affected Branches:
      MOODLE_19_STABLE
    • Fixed Branches:
      MOODLE_20_STABLE

      Description

      There is a little known feature in user/login.php that sets the forcepasswordchange option to true in the user preferences.

      However, this is applied in all cases. If the user's auth setting is an external method that cannot change the password then the user is (effectively) locked out because Moodle can't change the password and they can't log in without changing it.

      Either this option should not be applied for those auth types or the forcepassword change facility should be skipped for those auth types (or both).

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              skodak Petr Skoda
              Reporter:
              howardsmiller Howard Miller
              Tester:
              Nobody
              Participants:
              Component watchers:
              Adrian Greeve, Jake Dallimore, Mathew May, Mihail Geshoski, Peter Dias
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Fix Release Date:
                24/Nov/10