Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-30236

Force password reset for all users

XMLWordPrintable

    • We collect Confluence feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion.

      Administrators should have an easy way to force users to change passwords in bulk format in emergencies.

      Has this been discussed as a possible feature?
      Are there drawbacks to having a mass password reset force in administration?

      Would setting password expiration to 1 (day) expire all passwords in 24 hours? Is there a way this can be immediately enforced on all users without manually manipulating the database?

      This is a result of the security vulnerability notification of 8.5.2013. Customers desire a way to force all users to change passwords. This specific case prompted by a Confluence instance backed by crowd. Setting the requiresPasswordChange field to true in the database for all confluence directory users does not prompt Confluence users to change their password on login. It shows failed authentication error.

              Unassigned Unassigned
              rgoodwin Ryan Goodwin (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              11 Start watching this issue

                Created:
                Updated:
                Resolved: