
Feature #24655

mgr/dashboard: Enforce password change upon first login

Added by Lenz Grimmer about 1 year ago. Updated about 2 months ago.

Status: Need Review
Priority: Normal
Category: dashboard/usermgmt
Target version:
Start date: 06/25/2018
Due date:
% Done: 80%
Source:
Tags: dashboard
Backport:
Reviewed:
Affected Versions:
Pull request ID:

Description

For local user accounts, it should be possible to enforce a password change upon the first login to the dashboard. This could be determined either by having a flag associated with the user (e.g. "reset_password"), or by checking a "last login" timestamp (which would also make it possible to enforce a password change after a certain period of time). With regard to issue #24654 it might actually be feasible to have the "reset_password" flag as well.


Related issues

Related to mgr - Feature #40248: mgr/dashboard: As a user, I want to change my password Resolved 06/10/2019
Related to mgr - Feature #25229: mgr/dashboard: Provide user enable/disable capability Resolved 08/02/2018
Related to mgr - Feature #25232: mgr/dashboard: Support minimum password complexity rules Need Review 08/02/2018
Related to mgr - Feature #40329: mgr/dashboard: It should be possible to set an expiration date for the user password New 07/18/2019
Related to mgr - Feature #39999: mgr/dashboard: Prevent brute-force/dictionary attacks against existing local user accounts New 05/22/2019

History

#1 Updated by Lenz Grimmer about 1 year ago

  • Assignee deleted (Lenz Grimmer)
  • Tags set to dashboard

#2 Updated by Lenz Grimmer about 1 year ago

  • Category changed from dashboard/general to dashboard/usermgmt

#3 Updated by Elzbieta Dziomdziora 7 months ago

  • Assignee set to Elzbieta Dziomdziora

#4 Updated by Elzbieta Dziomdziora 4 months ago

  • Status changed from New to Need Review
  • % Done changed from 0 to 100

#5 Updated by Elzbieta Dziomdziora 4 months ago

  • % Done changed from 100 to 80

#6 Updated by Lenz Grimmer 3 months ago

  • Pull request ID set to 28405

#7 Updated by Tiago Melo 3 months ago

I think we need to improve a few aspects of this process.
Here are the steps I would recommend:

1. The admin should be able to enable a field requiring users to change their password the next time they try to log in.
This can be done during creation or update of the user.

2. When a user tries to log in and the "reset password" flag is enabled, the login should fail.
The backend should respond with a special token that will be used to reset the password.
This token should have a TTL and be stored.
Maybe we could use the same field as the SSO, and send the redirect URL.

2.1 If a user tries to log in again and there is already a reset token that has expired, the user should be disabled.

3. The user should be redirected to a page, similar to login, where they do not need to be logged in.
The URL of this page should contain the token sent by the backend.
e.g.: localhost/#/reset/<TOKEN>

4. For extra security we should ask the user to type the new password twice.
After the user types the passwords and presses "submit", we should attach the token to the request.

5. The backend will verify all the data and then change the user password.
If the TTL has expired, we should disable the user account and show a message telling the user to contact an admin.

#8 Updated by Lenz Grimmer 2 months ago

  • Tags set to security
  • Target version set to v15.0.0

#9 Updated by Lenz Grimmer 2 months ago

  • Related to Feature #40248: mgr/dashboard: As a user, I want to change my password added

#10 Updated by Lenz Grimmer 2 months ago

  • Related to Feature #25229: mgr/dashboard: Provide user enable/disable capability added

#11 Updated by Lenz Grimmer 2 months ago

  • Related to Feature #25232: mgr/dashboard: Support minimum password complexity rules added

#12 Updated by Lenz Grimmer 2 months ago

  • Related to Feature #40329: mgr/dashboard: It should be possible to set an expiration date for the user password added

#13 Updated by Lenz Grimmer 2 months ago

  • Related to Feature #39999: mgr/dashboard: Prevent brute-force/dictionary attacks against existing local user accounts added

#14 Updated by Elzbieta Dziomdziora about 2 months ago

My plan for this ticket is to create a checkbox where the admin can decide whether or not the user has to change the password. The value is set in the access_control file under the name forceCheckPwd, and it is going to be checked during the login phase.
According to ticket 40329, it will have an expiration date, which will be checked when forceCheckPwd is true.
When the time for changing the password has expired, there will be a message to contact the admin.
When it is still possible to change the password, the user will be navigated to the changePassword page.
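As an added example that is not part of this ticket or of the Ceph dashboard code base, the Python sketch below implements the flow proposed in comment #7 (login fails when the flag is set and hands back a stored, short-lived reset token; the account is disabled once the TTL lapses; the new password is entered twice and re-checked server side) together with the per-user flag checked at login described in comment #14. Every identifier in it (AccessControl, LocalUser, force_pwd_change, TOKEN_TTL_SECONDS, the (status, detail) return tuples, the PBKDF2 parameters) is an assumption made for illustration; the ticket only mentions "reset_password" and forceCheckPwd as candidate names, and this code does not claim to match the dashboard's actual implementation.

```python
"""Example only: forced-password-change flow with a TTL-bound reset token.
Not Ceph code; all names and parameters are assumptions for this example."""
import hashlib
import hmac
import os
import secrets
import time
from dataclasses import dataclass
from typing import Callable, Dict, Optional, Tuple

TOKEN_TTL_SECONDS = 600        # assumed reset window, as proposed in comment #7
PBKDF2_ITERATIONS = 100_000    # assumed work factor for the password hash

Result = Tuple[str, Optional[str]]   # (status, reset token or reason)


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)


@dataclass
class LocalUser:
    name: str
    salt: bytes
    pwd_hash: bytes
    enabled: bool = True
    force_pwd_change: bool = False            # the "reset_password" flag of the ticket
    reset_token_hash: Optional[bytes] = None  # only a hash of the issued token is stored
    reset_token_expires: float = 0.0


class AccessControl:
    """Stand-in for a local-user store (hypothetical, for this example)."""

    def __init__(self, now: Callable[[], float] = time.time):
        self.users: Dict[str, LocalUser] = {}
        self.now = now  # injectable clock so the TTL paths can be exercised in tests

    def create_user(self, name: str, password: str, force_pwd_change: bool = False) -> LocalUser:
        salt = os.urandom(16)
        user = LocalUser(name, salt, hash_password(password, salt), force_pwd_change=force_pwd_change)
        self.users[name] = user
        return user

    def login(self, name: str, password: str) -> Result:
        user = self.users.get(name)
        # Unknown user, disabled user and wrong password all get the same answer,
        # so the forced-change flow cannot be used to enumerate accounts.
        if user is None or not user.enabled:
            return ("denied", "invalid credentials")
        if not hmac.compare_digest(hash_password(password, user.salt), user.pwd_hash):
            return ("denied", "invalid credentials")
        if not user.force_pwd_change:
            return ("ok", None)
        # Step 2.1 of comment #7: a token was issued earlier and its TTL has lapsed.
        if user.reset_token_hash is not None and self.now() > user.reset_token_expires:
            user.enabled = False
            user.reset_token_hash = None
            return ("denied", "password reset window expired; contact an administrator")
        # Step 2: the login itself fails, but a fresh single-use token is handed back.
        # Re-issuing overwrites (and thereby invalidates) any earlier unexpired token.
        token = secrets.token_urlsafe(32)
        user.reset_token_hash = hashlib.sha256(token.encode()).digest()
        user.reset_token_expires = self.now() + TOKEN_TTL_SECONDS
        return ("reset_required", token)

    def reset_password(self, name: str, token: str, new_pwd: str, confirm_pwd: str) -> Result:
        user = self.users.get(name)
        if user is None or not user.enabled or user.reset_token_hash is None:
            return ("denied", "no password reset pending")
        presented = hashlib.sha256(token.encode()).digest()
        if not hmac.compare_digest(presented, user.reset_token_hash):
            return ("denied", "invalid reset token")
        # Step 5: TTL ran out between login and submit -> disable, point user to an admin.
        if self.now() > user.reset_token_expires:
            user.enabled = False
            user.reset_token_hash = None
            return ("denied", "password reset window expired; contact an administrator")
        # Step 4: the UI asks for the password twice; the backend re-checks the pair.
        if new_pwd != confirm_pwd:
            return ("denied", "passwords do not match")
        if hmac.compare_digest(hash_password(new_pwd, user.salt), user.pwd_hash):
            return ("denied", "new password must differ from the current one")
        user.salt = os.urandom(16)
        user.pwd_hash = hash_password(new_pwd, user.salt)
        user.force_pwd_change = False
        user.reset_token_hash = None
        user.reset_token_expires = 0.0
        return ("ok", None)


if __name__ == "__main__":
    ac = AccessControl()
    ac.create_user("alice", "Initial-Pw-1", force_pwd_change=True)
    status, token = ac.login("alice", "Initial-Pw-1")
    print(status)                                   # reset_required
    print(ac.reset_password("alice", token, "New-Pw-2", "New-Pw-2"))  # ('ok', None)
    print(ac.login("alice", "New-Pw-2"))            # ('ok', None)
```

Two details matter beyond the steps in the comments: only a hash of the token is persisted and compared in constant time, so a read of the stored user record does not yield a usable token, and the denial message is identical for unknown, disabled and wrong-password logins so that the reset flow does not become the account-enumeration oracle that #39999 is trying to close.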
