Password Expiration - Printable Version +- webERP Forum (http://www.weberp.org/forum) +-- Forum: webERP Discussion (http://www.weberp.org/forum/forumdisplay.php?fid=1) +--- Forum: Development Discussion & Specification (http://www.weberp.org/forum/forumdisplay.php?fid=10) +--- Thread: Password Expiration (/showthread.php?tid=2724) |
Password Expiration - agaluski - 03-12-2016 I have added some new feature in my branch. 2 new parameters are added to the system 1) Password change days. Default value is 0. If 0, no password expiration check. If positive, passwords must be changed every N days 2) Password Length, default 5 to keep current behavior. Allows long. If set then password changes MUST be at least N characters long. A new check is done in UserSettings.php to ensure new password entered is not the same as current password (in future will prevent re-use - new param) Every page checks password expiration and if password is expired redirects to UserSettings.php with a message that password must be changed. Since I am a few versions behind I can't just check in the code to the project (Biggest difference is $db parm - I still have it). I can contribute it if anybody else wants the code or wants to merge it with main project. Just contact me directly. I am currently doing some final testing Caveat - uses date_diff, php 5.3 required for that to work. RE: Password Expiration - TimSchofield - 03-12-2016 I have had customers requesting password expiration but personally i don't like it. I feel it encourages simple passwords. For instance i have a 14 chracter password containing mixed case letters numbers and symbols which i can type in but even somebody watching me would have great trouble memorising. However if I had to change it frequently i would have to choose something much simpler as i would have problems with my aging memory. Just my 2 cents Tim RE: Password Expiration - agaluski - 03-12-2016 Sometimes it is required based on industry, customers etc RE: Password Expiration - phil - 03-14-2016 I think its a good idea - to have it as an option |