On Mon, 10 Oct 2011 09:46:15 -0700 Toshio Kuratomi a.badger@gmail.com wrote:
On Mon, Oct 10, 2011 at 10:11:44AM -0600, Kevin Fenzi wrote:
On Mon, 10 Oct 2011 09:00:11 -0700 Toshio Kuratomi a.badger@gmail.com wrote:
I think that makring inactive will work for the password change (with the password strength hotifix, we also no longer accept the same password as the user last had). (Off by one we can't catch though: old: "mustang1977" this would still be accepted: "mustang1978")
So, when someone is 'inactive' they can login with their old password, but it will ask them to change it then?
Yep. IIRC we made things work that way when we did our first mass password reset.
Great.
So, if there's no other changes or objections, I will probably send out the announcement tomorrow. Please let me know if you can think of anything else we need to get in place before we announce.
kevin