Bug #98021
Updated by Sybille Peters over 2 years ago
h2. Reproduce
1. Several BE users, only one user (testuser1) with email address (necessary criteria for password reset)
2. If testuser1 is disabled, the password reset link is not displayed, if he is enabled, it is displayed, so that is working correctly.
3. BUT, if testuser1 is enabled, but has options.passwordReset = 0 set in his User TSConfig, then the link is still displayed (though no one can reset their password)
shouldn't the link NOT be displayed if none of the users has the criteria for password reset?
Also, the password reset link is sent if requested.
!be_user_options_passwordReset.png!
h2. Documentation
User TSconfig: options.passwordReset
https://docs.typo3.org/m/typo3/reference-tsconfig/main/en-us/UserTsconfig/Options.html#passwordreset
h2. Changelog
The password reset link will only be displayed if several criteria are confirmed:
> The user has a password entered previously (used to indicate that no third-party login was used)
> The user has a valid email added to their user record
> The user is neither deleted nor disabled
> The email address is only used once among all Backend users of the instance
https://docs.typo3.org/c/typo3/cms-core/main/en-us/Changelog/10.4/Feature-89513-PasswordResetForBackendUsers.html