Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We've moved the forum!

Please use forum.silverstripe.org for any new questions (announcement).
The forum archive will stick around, but will be read only.

You can also use our Slack channel or StackOverflow to ask for help.
Check out our community overview for more options to contribute.

Forum Module /

Discuss the Forum Module.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

Get User to change password on next login


Go to End


5 Posts   3943 Views

Avatar
macka

Community Member, 33 Posts

11 February 2011 at 12:34pm

Hi Guys,
I was wondering, is it possible to get the user to change their password after logging in?

I was about to import a heap of people into the forum and i would like them all to change their passwords as they login...

Grant

Avatar
johnmblack

Community Member, 62 Posts

24 October 2011 at 5:23pm

Very interested in hearing any solutions.

Avatar
JonoM

Community Member, 130 Posts

25 October 2011 at 1:19pm

Looking at the Member table there is a PasswordExpiry column which accepts a date. For all members you want to have reset their password - maybe try setting that date to a date in the past? I assume this would force a member to change their password upon next login.

If that doesn't work another possibility is to use the MemberPassword table - all previous passwords are stored here for any member (so if required you can ensure members don't use a previous password). You could write some simple SQL to count the number of passwords stored here for a particular member, if the count is only 1 then you can assume they're using the original password you generated for them and prompt them to change it.

Avatar
JonoM

Community Member, 130 Posts

18 March 2015 at 5:15pm

Edited: 18/03/2015 5:23pm

Just updating this post for anyone who finds it. Here's an approach that uses an extension hook to allow you to promt a password change on the fly at the time the member logs in.

class CustomMember extends DataExtension {
	public function beforeMemberLoggedIn() {
		$promptToChangePassword = // Do some custom validation
		if ($promptToChangePassword) $this->owner->PasswordExpiry = '1999-01-01';
	}
}

Apply the extension to Member and members you target should be redirected to Security/changepassword after logging in. Note that as per the built in functionality this doesn't force members to change their password, it just encourages them to do it.

Avatar
johnmblack

Community Member, 62 Posts

19 March 2015 at 1:50am

This seems like a great ad-hoc solution, but I am still very disheartened that it's not baked in. This is basic user management stuff here.