On Tue, Jul 3, 2012 at 1:50 PM, Alex <mysqlstudent@xxxxxxxxx> wrote: > Hi, > > I have a system with a few hundred users, soon to be upgraded to the > latest v1.4 squirrelmail. Many of these users have the same password > as their username, so we'd like to find the best method for changing > the user's passwords with the least amount of impact. > > Is there any mechanism within squirrelmail that would relate to this > process? In other words, we'd like to notify users that their password > has expired, or that they need to enter their old password then choose > a new password before they can login. Is this how the change_password > plugins work? The change password plugins provide an interface in SquirrelMail for allowing users to change their passwords, not for testing the strength of their existing passwords. These are two different jobs. > This would be easier than locking their account and forcing them to > call the helpdesk when they can't figure out why their account isn't > accessible. > > Is there a stable v1.5? It seems the best support for this type of > functionality is in v1.5, but it seems to still be experimental? This has nothing to do with 1.4 vs. 1.5. > I had asked about a similar situation back in February, but all users > are stored in /etc/passwd. Is it an easy process to migrate to mysql? > Is that necessary? The SQL reference was made because the change password plugin that supports SQL-based accounts has a similar feature, but still not the same as what you are asking for. You could commission the construction of a new plugin (or new module for existing plugin) that does login-time checks for poorly chosen passwords and forces users to change the password before doing anything else. -- Paul Lesniewski SquirrelMail Team Please support Open Source Software by donating to SquirrelMail! http://squirrelmail.org/donate_paul_lesniewski.php ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ ----- squirrelmail-users mailing list Posting guidelines: http://squirrelmail.org/postingguidelines List address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx List archives: http://news.gmane.org/gmane.mail.squirrelmail.user List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
