On Tue, Mar 14, 2017 at 10:58 AM Hasanthi Purnima Dissanayake < [email protected]> wrote:
> Hi all, > > We are in the process of implementing Admin Forced Password Reset via > Offline for existing users in Admin Portal for the new IS 6.0.0 release. > The wireframe design for the UI is found at [1]. > > Admin can select a user and generate a password for the selected user. > This generated password is an OTP. > > This OTP is: > 1. Not adhere to any password policy. > 2. There is no validity period > 3. Once this OTP is used it expires. > 4. Not considered like a normal password and we are going to store it in > IDN_RECOVERY_DATA table. > How do you plan to access the content in this table from the authentication flow. What I wanted to point is, this OTP is another credential for the user. So we should store in a "credential store" which is introduced with new user core. > > [1] > https://github.com/wso2-dev-ux/product-is/blob/master/Wireframes/admin-portal/v3/3.32%20%20Reset%20password%20with%20offline%20OTP%20-%20password%20generated.png > > Thanks, > > Hasanthi Dissanayake > > Software Engineer | WSO2 > > E: [email protected] > M :0718407133| http://wso2.com <http://wso2.com/> > -- Regards, *Darshana Gunawardana*Associate Technical Lead WSO2 Inc.; http://wso2.com *E-mail: [email protected] <[email protected]>* *Mobile: +94718566859*Lean . Enterprise . Middleware
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
