Feature #59074

[FE] Ask for password-change on next login

Added by Stefan Neufeind about 8 years ago. Updated over 2 years ago.

Status:
Rejected
Priority:
Should have
Assignee:
-
Category:
felogin
Target version:
-
Start date:
2014-05-24
Due date:
% Done:

0%

Estimated time:
PHP Version:
Tags:
Complexity:
Sprint Focus:

Description

  • flag for a user that the password neeeds to be changed on next login
  • addition to the login to perform a password-change

Related issues

Related to TYPO3 Core - Feature #59073: [BE] Ask for password-change on next loginRejected2014-05-24

Actions
Related to TYPO3 Core - Feature #80793: provide configurable password policiesOn Hold2017-04-10

Actions
#1

Updated by Stefan Neufeind about 8 years ago

Optional might imho be a way to allow a "skip now" for a certain amount of time (probably controllable through hooks.
The login or password-change might need to offer it - but if and how the skip should be available could then be up to hooks to set so the logic for that inside TYPO3 remains small.

#2

Updated by Riccardo De Contardi over 5 years ago

  • Subject changed from Ask for password-change on next login to [FE] Ask for password-change on next login
#3

Updated by Riccardo De Contardi over 5 years ago

  • Related to Feature #80793: provide configurable password policies added
#4

Updated by Benni Mack over 2 years ago

  • Status changed from New to Rejected

Hey Stefan,

I consulted with the security team, and we decided that this won't go into TYPO3 Core, but rather be a standalone extension (as there are multiple extensions out there already). This isn't part of the BSI requirement anymore, and thus does not need to be part of TYPO3 Core.

Also available in: Atom PDF