Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-68028

Improved $CFG->passwordpolicycheckonlogin with preference to reset vs change password

    XMLWordPrintable

Details

    • Improvement
    • Status: Open
    • Minor
    • Resolution: Unresolved
    • Future Dev
    • None
    • Authentication

    Description

      This improves upon MDL-67309.

      Lets assume a scenario where a use has a password which has been compromised and is available in HIBP and we check that via in the password policy.

      The user goes to login, the password is bad so we prompt them to change it if they can, or reset it if the auth plugin can't change it. The UX for 'change' is better because they are still logged in, their password gets improved, and they keep going. I think most sites would want this option.

      But 'reset' is more secure. If a password is in HIBP then its usually pretty old. If we know it's been compromised we should not trust it at all, so it would be better to force the user to reset their password via other means.

      So I think $CFG->passwordpolicycheckonlogin should be swapped from a checkbox to a select with options which are still compatible with the current 0 / 1 values:

      0) do nothing

      1) Force password change, or reset if they can't change it

      2) Force a password reset

       

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              brendanheywood Brendan Heywood
              Jake Dallimore, Mathew May, Mihail Geshoski
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated: