Dear Colleagues, Dear Santosh,
I doubt if this is a bug!!!
I would recommend if password not changed within
"force-password-reset-days" account should be locked/disabled... until
administrator unlock/enable it or apply another
"force-password-reset-days"
Else, if it is left open... we are creating loop for insecurity in
accessibility of the system...
Regards
Sendoro
On 2016-12-12 04:33, Santosh Math (JIRA) wrote:
Santosh Math created FINERACT-296:
-------------------------------------
Summary: Not able to reset new password after the
existing password expires
Key: FINERACT-296
URL:
https://issues.apache.org/jira/browse/FINERACT-296
Project: Apache Fineract
Issue Type: Bug
Components: User Management
Reporter: Santosh Math
Assignee: Markus Geiss
Priority: Minor
Reported by Subramanya at
https://mifosforge.jira.com/browse/MIFOSX-1863
Original Description:
1. Create a user with valid userid and password.
2. Click on Admin -> System -> Configuration ->
force-password-reset-days as enabled and days as 1.
3. After 2 days try to login with the same above uer
Error message displayes as "
Your password is expired, please reset your password" -> In same page
enter new password and repeat password field and click on Reset
password button.
Not able to update the new password
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
