Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-23692

Change Forgotten Username or Password process

XMLWordPrintable

    • MOODLE_19_STABLE, MOODLE_25_STABLE
    • MOODLE_26_STABLE
    • passwordreset-2013-10-07-1031Z
    • Hide

      1. Apply this patch, hit notifications to trigger db upgrade
      2. Go to login page, click the forgot password link
      3. Supply valid username
      4. Check email inbox for that user & click link in email from moodle
      5. Enter new password (twice)
      6. Check that you are now logged in, and can logout & log back in with your new password.

      You can re-run this procedure with permutations of

      • protect usernames on/off
      • new install of moodle with this code, vs upgrade.
      • supplying username, or email address at forgot password screen
      • supplying correct details multiple times (should get max 2 emails)
      • supplying invalid user details
        Although obviously the number of trials skyrockets pretty quickly.
      Show
      1. Apply this patch, hit notifications to trigger db upgrade 2. Go to login page, click the forgot password link 3. Supply valid username 4. Check email inbox for that user & click link in email from moodle 5. Enter new password (twice) 6. Check that you are now logged in, and can logout & log back in with your new password. You can re-run this procedure with permutations of protect usernames on/off new install of moodle with this code, vs upgrade. supplying username, or email address at forgot password screen supplying correct details multiple times (should get max 2 emails) supplying invalid user details Although obviously the number of trials skyrockets pretty quickly.

      As the administrator for a 1.98 site, I have many users who say that the current forgotten password reset procedure is complicated. Would it be possible to have a system as follows:

      1. On the Forgotten password page, user types in username or email address.
      2. Email is sent to person. If they confirm that they want to change their password, they click on the provided link.
      3. They are taken to a change password page where they would need to enter a password conforming to the standards set up by the security settings.

      So instead of Moodle auto-generating a temporary password and emailing it to the person, the person can directly choose a new password.

            peterbulmer Peter Bulmer
            elmonemo21 Michael Buchanan
            Frédéric Massart Frédéric Massart
            Damyon Wiese Damyon Wiese
            Adrian Greeve Adrian Greeve
            Votes:
            11 Vote for this issue
            Watchers:
            20 Start watching this issue

              Created:
              Updated:
              Resolved:

                Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.