-
-
Notifications
You must be signed in to change notification settings - Fork 218
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Change password on first login #9547
Comments
Once the MVP is proven then reset password will be mandatory for all projects so we can ensure all users on all instances are not compromised in future. Until then it's fine to use a feature flag so projects can opt-in to try it out.
One addition to this, is the user loses their phone, or forgets their password and the administrator resets it for them, then the user will be required to change their password again. This is because the password has almost certainly been shared in plaintext so it's once again vulnerable to future leaks. |
Hi @garethbowen I'll be starting this tomorrow (Oct 23). Probably start with conceptualizing the data flow then work on the UI first. Just checking whether you have any comment / clarification before I start ..(anything to add other that what we have in this thread) ? cc @n-orlowski are we going with the single password input design or confirm password design in Figma? |
@Benmuiruri Nothing to add regarding the UX. Potentially explore ways to keep it simple for the MVP, for example, is the password strength bar strictly necessary or something we can do in a separate issue? From an implementation point of view, I think it's a fairly simple process of flagging the user with Finally, because this is in the authentication system we'll have to be very careful not to accidentally break anything. For example, if the feature flag is enabled once users are already logged in they should not be forced to change their password. |
@Benmuiruri let's do with the confirmation input. Also happy to drop the progress bar for MVP (but we should keep the written prompts) |
Adding this to 4.16 |
Okay, sorry for the last-minute design questions here, but I am a bit concerned about how the MVP functionality is going to work from a Programs perspective. (Started this discussion in this PR thread, but wanted to continue it here at a higher level for better visibility....)
Hopefully this has all been previously discussed in threads that I have just missed. If the answer is "yeah, we took all of this into consideration already and decided the current approach is best", then great! I will be happy to move forwards with this, as is. |
Another design question that has come up on the PR is how we should handle basic auth requests from a user that has The current implementation has added an extra lookup for the I am wondering if we could be content with not forcing a password reset for basic-auth requests like this. Instead, we only trigger the password-reset flow from the actual login flow. For normal users with a session cookie, when the admin resets their password, they will be forced to login again (and so will be funneled to the password-reset flow). I am just not sure it is worth adding an extra round-trip for every request just to address this basic-auth edge case.... |
Is your feature request related to a problem? Please describe.
System admin users create accounts for CHWs and then share the password with them. To enhance the security of these accounts, there should be a way to prompt a password change on the first login.
Describe the solution you'd like
On the login page, create a feature to change the password with the following considerations:
change_password_first_login
)Figma design
The scope of this work is to enable changing the password on the first login. It doesn't include changing the password rules or current authentication mechanisms.
The text was updated successfully, but these errors were encountered: