-
Type:
Bug
-
Status: Resolved
-
Priority:
Major
-
Resolution: Duplicate
-
Affects Version/s: 12.0.1
-
Fix Version/s: None
-
Component/s: authentication
-
Labels:None
-
Rank:1|hzq07r:
-
Support Ticket IDs:
OpenAM's "Forgot Password" functionality allows the user to set a new password without authenticating - the password change counts as an "administrative" password change. When the user logs in with their new password (which they just set), they are made to change their password again.
- duplicates
-
OPENAM-5159 Request to improve REST forgotPasswordReset page flow
-
- Resolved
-