Force reset password
Closed this issue · 2 comments
So that I don't forget and other can comment as well.
Additional option in admin that will force user to reset password after their next login. So after login it will force them to the password page and won't allow them to any other user pages until they reset password.
I'm thinking of utilizing '''resetsendon''' field in the account table for this.
This is useful if DB has been compromised or where accounts are setup by admin and pass from one person to another each year (admin changes the password to something default and then forces the new owner to change password upon sign-up). I get to use this function with annual events a lot.
👍
Right now it works by redirecting to the password page after login. This will still need more improvement in the future.