10.0:documentation:modules_pwd

Modules - Password reset module [pwd-reset]

The module provides functionality of password reset or, in other words, recovery of forgotten password.  Password reset process

Password reset module now doesn't support Sql Server
Version before 1.7.0 doesn't set valid till to password after password reset and password generate. Is highly recommended use version 1.7.0

User can start the process on CzechIdM login page where is a "Forgotten password" link. In next step user is required to enter account identifier. For now, identity email or login are supported and admin can use configuration property to select which of these (or both) can be used.

CzechIdM generates validation token which is sent to user via notification. After clicking on link, user is asked to fill in new password. If password change succeeds (password validation is OK and users can change their own password), then user can log in to CzechIdM with new password.

While user finished process with password reset is also set password valid till from default password policy configuration (password max age attribute).

Password reset module changes users passwords in CzechIdM or all managed systems depending on the module configuration.

Password reset module generates new password by default password policy for IdM and all managed systems depending on the module configuration. Form for password generate is part of password change component.

During password generate is also setup password valid till from default password policy configuration.