On Mon, Aug 29, 2011 at 10:57 AM, Mark Thomas <[email protected]> wrote: > On 29/08/2011 15:48, Rob Weir wrote: >> On Fri, Aug 26, 2011 at 6:57 PM, Mark Thomas <[email protected]> wrote: >>> As per [1], all user passwords (except those for ASF infra users with >>> system admin privs) have been reset to: >>> >>> password >>> >>> Assuming no show stopper issues are reported on [1] before 23.59 UTC >>> Monday 29 August 2011 then ASF infra will work with Oracle to make the >>> existing bugzilla instance read only and move the latest data to the ASF. >>> >> >> For the production instance, are we preserving the original >> login/passwords, or will they also be all set to "password"? > > We don't have the original passwords. > > For production, users will have to reset their password before they can > gain access. A banner notice will be used to inform users of this > requirement. Those that haven't reset their password after ~6 months > will be deleted if possible or disabled if deletion is not possible. >
Excellent, thanks! -Rob > Mark > >> If for some reason we cannot preserve the user's account access via >> their former password, I think we should either force a reset at their >> first login attempt, or if that is not available, set all passwords to >> a random password, which essentially forcies the user to reset their >> password. >> >> >>> e-mail remains disabled on the test instance and any changes made will >>> be lost with the latest data is re-imported. >>> >>> Mark >>> >>> [1] https://issues.apache.org/jira/browse/INFRA-3884 >>> > >
