XF 2.2 Is there an addon for password change on login

Fattycakez1

Fattycakez1

Active member
Is there's an addon that can prompt password change on login?

Like when someone logins for the first time it forces him to change password.
 
Sort by date Sort by votes
I'm assuming there's a specific use case here?

Usually a user logging in for the first time has just registered therefore they have only just chosen their password.

So presumably you're setting passwords manually for users or manually creating users or something?

If so, whichever users you want to apply that behaviour to you can "lock" their account from the user edit page in the Admin CP. Set the "Security lock" option to "Locked: User must change password".

Once logging in with their existing password, they'll be asked to change it before being able to use the site.
 
Upvote 0 Downvote
Chris D said:
I'm assuming there's a specific use case here?

Usually a user logging in for the first time has just registered therefore they have only just chosen their password.

So presumably you're setting passwords manually for users or manually creating users or something?

If so, whichever users you want to apply that behaviour to you can "lock" their account from the user edit page in the Admin CP. Set the "Security lock" option to "Locked: User must change password".

Once logging in with their existing password, they'll be asked to change it before being able to use the site.
Click to expand...

That's perfect exactly what i need
But i need to do it for every user like bulk

Is there a query or something?

My use case is that i have steam logging and i'm removing it soon

So i need to make it so when they login with steam they are forced to change a password "technically set a password" then when i remove steam they can login with their username and normal password.
 
Upvote 0 Downvote
@Chris D Sorry for bothering

Unfortunately It didn't go as planned as when I set their lock to force them to change password
When they log in with steam it asks them for their current password which they don't know because it always been steam logging


Is there a way to make it so it would just give them the option to put a new password? Without asking for current one?

If not then

Is there a way to make their password blank? So when they are forced to change password it will find that there's no password then it will reset it by email.
 
Upvote 0 Downvote
Their password should already be blank but I guess it depends on the exact Steam implementation. We have an authentication handler called XF:NoPassword which is what should be given to users who have registered through a connected account and never set a password

As a proof of concept I just registered a new account via Twitter here and then from my admin account set it to security lock.

When I log back in with Twitter, it works as expected:

31283F61-7775-455D-B6C5-A3A0DB667516.png 1ED97F7D-0751-4971-864F-EA1F147F9679.png

After receiving the email I just need to set my new password:

4F9647A0-FB2A-4C39-B7AA-0FC2B910A49E.webp

If your experience is different are you sure you tested on account that has never set a password? Even if you register through a connected account it is possible to add a password to your account down the line by going to the account/security URL.

But for an account that has never had a password set the experience should be as I set out above.
 
Upvote 0 Downvote
Chris D said:
Their password should already be blank but I guess it depends on the exact Steam implementation. We have an authentication handler called XF:NoPassword which is what should be given to users who have registered through a connected account and never set a password

As a proof of concept I just registered a new account via Twitter here and then from my admin account set it to security lock.

When I log back in with Twitter, it works as expected:

View attachment 253233 View attachment 253234

After receiving the email I just need to set my new password:

View attachment 253235

If your experience is different are you sure you tested on account that has never set a password? Even if you register through a connected account it is possible to add a password to your account down the line by going to the account/security URL.

But for an account that has never had a password set the experience should be as I set out above.
Click to expand...

Thank you for the explanation
Sadly my case is a bit weird

Before i added steam connected accounts
I had members who normally registered via xf form but then after I added steam people started registering via steam which in this case has XF:NoPassword
But the main issue is the old users who doesn't know or remember their password

The question now is can I batch every user in my forum to be XF:NoPassword
Or can I modify something so it doesn't ask for their current password when I force them.
 
Upvote 0 Downvote
Fattycakez1 said:
But the main issue is the old users who doesn't know or remember their password
Click to expand...
They just need to reset their password then. It has the same effect and will undo the security lock once completed.

I really wouldn't recommend fiddling with the database. If they had a password and they've forgotten it then they just need to reset it like a user normally would in that situation.
 
Upvote 0 Downvote
Chris D said:
They just need to reset their password then. It has the same effect and will undo the security lock once completed.

I really wouldn't recommend fiddling with the database. If they had a password and they've forgotten it then they just need to reset it like a user normally would in that situation.
Click to expand...
Yeah understandable
I just thought I would make it a bit friendly if I make everyone password XF:NoPassword

So it looks like your screenshot
A bit easier on the user and friendly
1ed97f7d-0751-4971-864f-ea1f147f9679-png.253234
 
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

S
Require password reset upon login
Replies
2
Views
331
stromb0li
S
mjda
  • Solved
XF 2.2 Change log shows user password changed by another user
Replies
6
Views
640
Paul B
Paul B
duderuud
  • Suggestion Suggestion
Change password reset messages
Replies
0
Views
306
duderuud
duderuud
Jeffin
Password manager not able to login
Replies
0
Views
437
Jeffin
Jeffin
V
Addons change password at set times.
Replies
1
Views
281
Onlyme
O
Top Bottom