-
Suggestion
-
Resolution: Unresolved
-
None
-
None
-
Linux Debian
I'm using CROWD to manage an LDAP tree with all my users. We use this LDAP tree to authenticate our users on our e-mail server and on many other systems.
When a user has lost his password, he has no really good option to reset:
- he cannot reset it from the Crowd Console (he cannot access it any more)
- the admin cannot reset it for him directly from Crowd, as Crowd would send an e-mail with the new password to the user, and the user cannot access his mail any more.
So essentially all the "lost password" issues end up in:
- an escalation to the admin (me)
- some waiting time for the user until I can react on it
- an e-mail to the user's personal e-mail account with his new password... as we cannot use the corporate e-mail account to do this.
I would be in favor of implementing an alternate method to recover a lost password, ie:
- mail to an alternate e-mail address which would be pre-linked to the account. This should be triggered by the user himself.
- SMS to the users's cell phone (may require an external SMS gateway, but it would be really practical)
- ... other ideas ?
- relates to
-
CWD-3323 Advise users of integrated applications about expired passwords
- Closed