Downloads: A new file has been added by condector:
Force Password Change (http://www.roundcubeforum.net/downloads.php?do=file&id=29)
Forces the user to change his password when it gets older than x days.
Found this thread while looking for password force options for our system. This won't work for me since we aren't running postfix.
But after looking at it, I wonder if there might be any interest in a similar plugin that leverages whatever password changing tool that people are already using?
I'm not strong in either PHP or javascript, so it would take me some time to build this myself. But here's what I'm envisioning:
- The users' password age (or date of last change) would be stored in a database somewhere, probably in the users' preferences.
- If the password age exceeds the limit (set as days in a config file in the plugin), on successful login the user is not redirected to the Inbox, but is directed to the Password tab in the Settings. This would leverage whatever plugin in use - password, syscp_password, hmail_change_password, etc.
- If a user has no password age (new account), it is treated as aged out and redirects to the password tab as above.
- The only glitch I see here is that the password page (whatever plugin is in use) would need to be able to update the password age in the database. Not sure how a new plugin would hook into that.
Where can I get the force password change plugins? The download link is no longer valid.
I've attached the plugin to this post.