Hi Ayesha, We can extend Ask Password feature we developed in IS 5.3.0 to support this feature. So, we can send a confirmation email rather than an OTP.
Thanks Isura *Isura Dilhara Karunaratne* Senior Software Engineer | WSO2 Email: [email protected] Mob : +94 772 254 810 Blog : http://isurad.blogspot.com/ On Mon, Sep 26, 2016 at 10:03 PM, Ayesha Dissanayaka <[email protected]> wrote: > Hi, > > I have created public jira IDENTITY-5166 > <https://wso2.org/jira/browse/IDENTITY-5166> to track this implementation. > > Thanks! > -Ayesha > > > > On Mon, Sep 26, 2016 at 5:14 PM, Ayesha Dissanayaka <[email protected]> > wrote: > >> Hi, >> >> I have started working on [1], which forces password reset for a user >> after a administrative password recovery action. >> >> Based on the off-line discussion with Darshana, this flow can be as >> follows. >> >> 1. User, '*Bob*' forgets password and request administrative person >> for a password reset action >> 2. Admin person reset the password and provide a new password to *Bob* >> off-line >> 3. This can be performed using management console >> 4. When *Bob* tries to log-in with newly provided password, login >> page should prompt password reset UI to *Bob* >> 5. And without changing the password Bob cannot login to the system >> 6. There should be a way to distinguish *user password reset* vs. *admin >> password reset*. >> >> But additionally, there can be enhancements to this flow by sending an >> OTP in an email to the user, 'Bob' and enforcing password reset by >> directing to a provided link. >> >> What are your thoughts on this? >> >> [1] https://redmine.wso2.com/issues/5417 >> >> Thanks! >> -Ayesha >> >> -- >> *Ayesha Dissanayaka* >> Software Engineer, >> WSO2, Inc : http://wso2.com >> <http://www.google.com/url?q=http%3A%2F%2Fwso2.com&sa=D&sntz=1&usg=AFQjCNEZvyc0uMD1HhBaEGCBxs6e9fBObg> >> 20, Palmgrove Avenue, Colombo 3 >> E-Mail: [email protected] <[email protected]> >> > > > > -- > *Ayesha Dissanayaka* > Software Engineer, > WSO2, Inc : http://wso2.com > <http://www.google.com/url?q=http%3A%2F%2Fwso2.com&sa=D&sntz=1&usg=AFQjCNEZvyc0uMD1HhBaEGCBxs6e9fBObg> > 20, Palmgrove Avenue, Colombo 3 > E-Mail: [email protected] <[email protected]> > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > >
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
