Hey Andreas,
I am now having a problem with this in 3.6.4.
Initially I set the password to expire in 90 days for all users .
Now 90 days have passed and the password is expired the user cannot change it, they have to contact me to change it for them via admincp.
I have checked this myself and it looks like it locks the user out once the password is expired.
What this needs is to send a password expiry email before the password expires.
I have had to turn it off due to too many people contacting me to change their password.
Hey Andreas,
I am now having a problem with this in 3.6.4.
Initially I set the password to expire in 90 days for all users .
Now 90 days have passed and the password is expired the user cannot change it, they have to contact me to change it for them via admincp.
I have checked this myself and it looks like it locks the user out once the password is expired.
What this needs is to send a password expiry email before the password expires.
I have had to turn it off due to too many people contacting me to change their password.
So is the mod essentially broken with 3.6.4? I really need this and can't believe VB allows such weak passwords. I need to get all my users to change their passwords (expiry) and then want this mod to force them to make decent ones. Will that not work with this mod?
Hey Andreas,
I am now having a problem with this in 3.6.4.
Initially I set the password to expire in 90 days for all users .
Now 90 days have passed and the password is expired the user cannot change it, they have to contact me to change it for them via admincp.
I have checked this myself and it looks like it locks the user out once the password is expired.
What this needs is to send a password expiry email before the password expires.
I have had to turn it off due to too many people contacting me to change their password.
Can you detail exactly what happens se we can try to fix this? I want this working on 3.6.4 / 3.6.5 properly. So a user has to change their password. What exactly happens next? Does it work fine if you DON'T use password expiry or is there a problem any time a member tries to change their password?
Well I finally broke down and installed this on 3.6.5. Seems to work fine. I've tested registrations and users resetting their passwords. Those seem to work well as is. I will be testing "password expiry" shortly and report back.
installed on 3.6.8 and works fine
though, it would be nice to port this hack to 3.6.8 and especially ad the password check also to the "change password" site at the forum, not only for new signups
installed on 3.6.8 and works fine
though, it would be nice to port this hack to 3.6.8 and especially ad the password check also to the "change password" site at the forum, not only for new signups
I concur .. or make something like this a feature of vb as a whole.
On 3.7, if a user edit their password (that is shorter than specified) gets an error - "Your password is too short..." then returns to the User CP.
In actual fact the password does change - if you try to re-change it you get an error saying "Password entered doesnt match your current one..." If you try the "too short" password it works...
This appears to not completely work with current code.
I really could use the "stop users from having same password as their username" as I was just compromised this morning.
From reading, I get the impression this doesn't work right with 3.72. Am I correct, or am I not right, and it does work? I really could use this mod like NOW, since I'm now a known target for this kind of behaviour.