FlexHub Forum
  1. FlexHub Forum
  2. FlexHub General
  3. Feature requests
  4. User Accounts password expiry/force changes
« previous next »
Pages: [1]   Go Down

User Accounts password expiry/force changes

  • 4 Replies
  • 5673 Views

Offline MØ®®ØW‡ÑЙ

  • Certified Wooosher
  • *****
  • 26
User Accounts password expiry/force changes
« on: June 27, 2010, 18:08:48 »
Functionality to be able to make time limits for expiry of passwords for user accounts [your password is about to expire in <amount of days> please change] user is able to retrieve their password and create a new one this will limit amount of user passwords being *coughs* hacked! or misused. Timelimit variable dependant on whatever hub owner sets to min:30days - max:365days, possibly ability to /force complexity passwords also.
Logged

Offline LadyStardust

  • *****
  • 257
  • aka Puma
Re: User Accounts password expiry/force changes
« Reply #1 on: June 27, 2010, 18:30:11 »
I guess a few hubowners would like it :)
But what about password expiring when user is offline or away from a keyboard? And after account/password will expire he will be dropped from a hub and come back with no account or in this case won't be able to login on his nick hub at all...
Logged
Best regards,
LS

Offline TraN

Re: User Accounts password expiry/force changes
« Reply #2 on: June 28, 2010, 18:09:13 »
I think that could be done using the allready existing account expiration date, and a simple check box "Warn before expiring" or something, and when the chosen expiration date is getting close, the user will get a pm on login to change password... when that is done, time could be added to the expiration date... well, maybe im totally wrong, just an idea :)
Logged

Offline MØ®®ØW‡ÑЙ

  • Certified Wooosher
  • *****
  • 26
Re: User Accounts password expiry/force changes
« Reply #3 on: June 28, 2010, 19:29:07 »
A notification could possibly still be left on the user account and during the login process enter* old password *enter* new password could take place or in that instance if the person forgot the old password maybe have a "useful hint" sent to client like when joining sites etc or net accounts? maybe is possible!
« Last Edit: June 28, 2010, 19:54:46 by MØ®®ØW‡ÑЙ »
Logged

Offline FlipFlop™

  • FlexHub Developer
  • *****
  • 505
Re: User Accounts password expiry/force changes
« Reply #4 on: June 28, 2010, 20:42:15 »
Nice idea!

Currently the expiration date is used to be able to create a temporary account, but that's probably less useful than the option for expiring passwords. It could be used for password expiration instead, and without notification, will result in a blocked account anyway :P

I think the easiest and most userfriendly version would be to just allow the user to enter with old pass, but spam him in mainchat to use +password <blabla> to change his pass once expiration date is close. No hard expiration that way, but nagging might work, this is useful for high profiles only anyway i think.

Btw: sending hints to a user who has forgotten his pass is just dangerous imho, makes it easier to guess a password when attempting to hack an account.

Edit: Making it a hard expiration should be possible, so a hubowner can enforce the passchange and keep security 'up to date'.
« Last Edit: June 28, 2010, 20:49:37 by FlipFlop™ »
Logged
Check the new FlexHubList!           Add awesome statistics like this for your hub!

This post is a natural product. The slight variations in spelling and grammar enhance its individual character and beauty and in no way are to be considered flaws or defects.
Pages: [1]   Go Up
« previous next »
  1. FlexHub Forum
  2. FlexHub General
  3. Feature requests
  4. User Accounts password expiry/force changes