Univention Bugzilla – Bug 52731
Password reset ignores Password-History-Policy
Last modified: 2022-12-14 12:26:54 CET
Our customer complains about the following misconduct: A teacher resets a student's password via School Administration -> Passwords (Students). In doing so, the password history policy is rightly ignored. Subsequently, the student logs in and has to change his password. However, the password history policy is also ignored and the student can simply set his password to the previous value although this is supposed to be prevented by the global policy. I've been able to reproduce this behavior in a test environment. UCS@school-Version: 4.4 v8
Still occurs on UCS 5.0 with UCS@School 5.0 v3
Fixed in https://docs.software-univention.de/ucsschool-changelog/5.0v3/de/changelog.html#released-on-2022-11-17 *** This bug has been marked as a duplicate of bug 55415 ***