Community Server on my mind

J-O Eriksson's blog

  • Running on CS 2.1 SP 2

    See top menu for subscription options

    Technology Blogs - Blog Top Sites

    BlogRankers.com

    Add to Technorati Favorites

20 Oct 2006
Thoughts on a Job for Max age of user passwords

As I've mentioned before, I have been working a bit on a CSJob for initially forcing users to change passwords after a specified amount of time. And I thought I'd share some ideas around it this article, and see if it would be a usable CSJob.

I have most of the code working in my development environment. But it seems that forcing a user to login at next visit might not be that easy. Well, first, let me show you a picture on how I have been thinking about this. I played around with Mindjet Mindmanager to do this map.


Click on the picture to see it in its original size.

So the add-on is done as a CSJob, which you can set to run at desired intervals. When it runs, it gets a specified UserSet, and loops through it, checking for if the users password is older than the number of days that you specify in the Job entry in communityserver.config (MaxDaysForPasswords). Here's an example of the jobentry with parameters.

<job singleThread="false" minutes="1440" name = "UserPasswordMaxAge" 
    type="UserPasswordMaxAge.CSJobs.JOEriksson.UserPasswordMaxAge,UserPasswordMaxAge" 
    enabled ="true" enableShutDown = "false" MaxDaysForPasswords="3" 
    AdminMail="admin@myCSSite.com" />

If the Password is older, I use the User.ResetPassword to use CS's built in method for changing this. After also setting User.ForceLogin to TRUE, I send an e-mail to the user telling them that their password has expired, and what their new password is, as well as asking them to login and change it.

Yes, I know, this might not be exactly what you want. But the only way I found so far to force a change of the password. One problem is, they can login and change back to their old password again, unless you build more on the code above and saves some kind of password list. Let's say we could save the 10 last passwords for each user and somehow force them to not use any of them. This together with setting the regex for how passwords can be built, and maybe it would be useful.

But what I got today is what you see on the map above, with UserForceLogin not working as I expected. Would it be useful in it's current shape, if I could get ForceLogin to work? Please comment.

If you enjoyed this post Subscribe to my feed via RSS or e-mail!
Posted: Friday, October 20, 2006 8:50 AM by J-O Eriksson

Comments

No Comments

Leave a Comment

(required) 

(required) 

(optional)

(required) 

Comment Notification

If you would like to receive an email when updates are made to this post, please register here

Subscribe to this post's comments using RSS