Uploaded image for project: 'OpenOLAT'
  1. OpenOLAT
  2. OO-3416

Implement password history

    XMLWordPrintable

    Details

    • Funded by:

      Description

      When changing passwords, it is best practice not to use the same password again. A password history must be maintained. Since do not know the password itself, the password hash is kept somewhere when setting a new local password and the new generated hash is tested against the old one.

      • Make password history configurable (only for OpenOLAT login provider)
        • 0 = not enabled
        • n = keep n versions of old password to compare against
      • Make sure LDAP password caching still works even when enabled for local passwords

      The feature is only for local OpenOLAT passwords. It will not affect the LDAP, Shibboleth or oAuth authentication method. Also not affected is the WebDAV and any other internal passwords such as the iCal Feed password. 

       

       

      FX internal reporting: CL-870

        Attachments

          Activity

            People

            Assignee:
            srosse Stéphane Rossé
            Reporter:
            gnaegi Florian Gnägi
            Tester:
            Mandy Menzel
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 6 hours, 5 minutes
                6h 5m