Skip to content

add more functionality#9

Open
lisps wants to merge 8 commits intosplitbrain:masterfrom
lisps:master
Open

add more functionality#9
lisps wants to merge 8 commits intosplitbrain:masterfrom
lisps:master

Conversation

@lisps
Copy link
Copy Markdown
Contributor

@lisps lisps commented Jun 17, 2014

  • add old passwords to policy check
  • add password expire time
  • force user to change password
  • warn user to change password
  • add start_date to have a transition time before first password change

i think its not yet ready for merging, more for a discussion base

@lisps
add old passwords to policy check
c8806d9 
add password expire time
force user to change password
warn user to change password
add start_date to have a transition time before first password change
splitbrain
splitbrain reviewed Jun 17, 2014
View reviewed changes
Comment thread helper.php
Copy link
Copy Markdown
Owner

@splitbrain splitbrain Jun 17, 2014

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wouldn't use JSON here. Just a simple text file with one hash per line.

@splitbrain
Copy link
Copy Markdown
Owner

splitbrain commented Jun 17, 2014

I added a few comments.

In general I'm not a friend of expiring passwords as this usually does not increase but instead decreases security (Users rely on simple incrementation schemes or publically written down passwords), however I think it makes sense to have this in this plugin as it is a common requirement.

@lisps
store passhistory in one file per user
0fafd30 
do not user json anymore
get last password change date by filemtime from passhistory file
rewrite conf language file
@lisps
Copy link
Copy Markdown
Contributor Author

lisps commented Jun 23, 2014

can you check my last commit again? thanks

splitbrain
splitbrain reviewed Jul 1, 2014
View reviewed changes
Comment thread action.php Outdated
Copy link
Copy Markdown
Owner

@splitbrain splitbrain Jul 1, 2014

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

dates should be formatted with dformat()

@lisps
Copy link
Copy Markdown
Contributor Author

lisps commented Aug 19, 2014

can you merge this or say what to do to get it merged?

@splitbrain
Copy link
Copy Markdown
Owner

splitbrain commented Jan 9, 2015

I'm still no fan of the date_start parameter. I think it's unnecessary. Instead you should simply create an (empty) passhistory file for the user you're checking. Then compare with the filemtime of that file. This way each user will have to change the password expire days after the first login after the plugin has been installed.

@Luiggy
Copy link
Copy Markdown

Luiggy commented Apr 27, 2016

would it be updated for the password policy expiration?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@lisps @splitbrain @Luiggy