Mandatory "new accounts password change" allows same password to be entered

ToddR shared this idea 3 months ago
Under Consideration

The following FileCloud settings are set:

(Admin GUI)/Settings/Admin

Allow Password Change = TRUE

(Admin GUI)/Settings/Misc/Password

New accounts Must Change Password = checked (ie: enabled)

Number of Previous Passwords that cannot be used = 1

As the admin, I added(created) the following new user (ie: Limited User in my example):

username: newuser

password: pswd1234

The user then attempts to log into FileCloud and is prompted to change his password (as expected) by entering "Old/New/Confirm Password" values.

If the user enters the same old password value (pswd1234) as the "new/confirm" password values then FileCloud accepts the password change:


When the ADMIN "New accounts must change password" setting is enabled then this should force the user to enter a "new" password and not simply allow them to enter the same password. Technically, the user did not really "change" their password if the same old password is still being used.

I am planning on providing our external customers an easy password when their account is first created, but then rely on FileCloud to ensure they enter a "new" password during initial login, thus ensuring the password I provided is switched out.

Comments (1)


Thanks for reporting. This looks like a bug. We will address this.