Univention Bugzilla – Bug 51405
Self Service: Expired passwords need to be handled better - "Your profile"
Last modified: 2020-11-10 14:24:30 CET
UCS: 4.4-4 errata617 Scenario: I use a simple password policy, e.g. minimum length is 8 characters. I have a user whose password expired. This is quite common for new users, when the option "change password at next login" is checked. This user tries to use the Self Service to change their password. Expected behaviour: The Self Service dialog for "Your profile" tells me that my password expired. It then offers to change my password and tells me the requirements (e.g. at least 8 characters). Observed behaviour: The Self Service dialog for "Your profile" does not tell me that my password expired. Instead it I can login and change all the settings - despite my password being expired!
Self Service supports now SAML SSO (Bug #51607) - the handling of expired passwords is way better in the SAML login -> WORKSFORME