https://bugzilla.wikimedia.org/show_bug.cgi?id=54997
Web browser: ---
Bug ID: 54997
Summary: Add Password Expiration functionality
Product: MediaWiki
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: Unprioritized
Component: General/Unknown
Assignee: [email protected]
Reporter: [email protected]
CC: [email protected]
Classification: Unclassified
Mobile Platform: ---
In the event that the site owner needs the users to change their password for
some reason, it would be nice for MediaWiki to have the concept of password
expiration.
Typically, I've seen this implemented that a date attribute can be stored on
the User, and then a configurable number of days before or after that date, the
user gets a "soft" password reset on login-- they are asked to change their
password, but they are still logged in and can skip the process for now. After
the "soft" phase, the user gets a "hard" reset, and cannot login without
changing their password.
After the user resets their password, we could probably have a flag to
automatically set the next expiration date, for users that need to comply with
password-reset schedules.
The WMF currently has a hack in place on their sites to do a "hard" reset for a
set of users, so having this feature in core would decrease our tech-debt, as
well as providing a better product for other users of MediaWiki.
--
You are receiving this mail because:
You are on the CC list for the bug.
_______________________________________________
Wikibugs-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
