SMF Development > Applied or Declined Requests

Password expiration

<< < (2/2)

Benchtech:

--- Quote from: 青山 素子 on January 08, 2012, 08:18:53 PM ---It's not a bad idea, especially if it's an internal board and password policy is to require a change every so often (said group should be using a centralized authentication in such a case, anyway) or for boards of certain kinds. However, for general-purpose boards, it's a bad idea as it can lead untrained users to use much weaker passwords.

As password rotation isn't a generally-used feature, this might be better tested as a modification to check for popularity and stability. Of course, any feature acceptance is something only the developers can make.

--- End quote ---

I do agree with that, I'd use it for the purposes of resetting passwords. You can reset someones password and tell them to change their password but they often don't bother. I love resetting passwords with Google Apps and making it so the user has to change it before they can go any further. This is perticually good for moderators who have power on the forum.

青山 素子:
Password rotation is different than flagging a one-time password change. I actually like the idea of a flag that will force a user to set a new password. Perhaps you can put this as a new feature request?

Benchtech:

--- Quote from: 青山 素子 on January 10, 2012, 03:21:20 PM ---Password rotation is different than flagging a one-time password change. I actually like the idea of a flag that will force a user to set a new password. Perhaps you can put this as a new feature request?

--- End quote ---

Good idea I will do this, thanks :)

Navigation

[0] Message Index

[*] Previous page