On 29/08/2011 15:48, Rob Weir wrote: > On Fri, Aug 26, 2011 at 6:57 PM, Mark Thomas <[email protected]> wrote: >> As per [1], all user passwords (except those for ASF infra users with >> system admin privs) have been reset to: >> >> password >> >> Assuming no show stopper issues are reported on [1] before 23.59 UTC >> Monday 29 August 2011 then ASF infra will work with Oracle to make the >> existing bugzilla instance read only and move the latest data to the ASF. >> > > For the production instance, are we preserving the original > login/passwords, or will they also be all set to "password"?
We don't have the original passwords. For production, users will have to reset their password before they can gain access. A banner notice will be used to inform users of this requirement. Those that haven't reset their password after ~6 months will be deleted if possible or disabled if deletion is not possible. Mark > If for some reason we cannot preserve the user's account access via > their former password, I think we should either force a reset at their > first login attempt, or if that is not available, set all passwords to > a random password, which essentially forcies the user to reset their > password. > > >> e-mail remains disabled on the test instance and any changes made will >> be lost with the latest data is re-imported. >> >> Mark >> >> [1] https://issues.apache.org/jira/browse/INFRA-3884 >>
