Bug #2169
closed
auto generate passwords invalid
Description
When using auto generate passwords and user approval the password generated and sent in the Pending email appears to always be invalid. A new password is generated after user approval, after user confirmation, and after user registration. However, in backend after user approval a password is only generated if the user does not already have a password. This is NOT the case in frontend user approval nor in user confirmation.
Updated by beat about 13 years ago
- Status changed from New to Assigned
- Assignee set to krileon
Updated by krileon about 13 years ago
Frontend: When sent a pending email containing the generated password the password is confirmed valid. This is status update of BEFORE admin approval.
Updated by krileon about 13 years ago
Frontend: When approved the password sent with the pending email is no longer valid. The password sent with the welcome email is the new valid and working password. This is status update of AFTER admin approval.
It does not seam logical to re-generate a password after approval as the user has already been generated a password and it given to them. Such scenario should only happen if they've not yet been generated a password (unlikely).
However, users could simply specify the password substitution within the Welcome email instead of the Pending email. Don't know if should be classified as bug or just a usability issue.
Updated by krileon about 13 years ago
- Status changed from Assigned to Closed
- % Done changed from 0 to 100
Confirmed working fine and as intended from backend and frontend. All passwords generated are valid at the time of generation (password given after approval will always supersede password given before).
When using generated passwords the Welcome AND Pending emails should both contain the [PASSWORD] substitution for completely accurate results.