mahara-contributors team mailing list archive

Thread
Date

[Bug 1045123] Re: don't send out password for admin created users

To: mahara-contributors@xxxxxxxxxxxxxxxxxxx
From: Aaron Wells <1045123@xxxxxxxxxxxxxxxxxx>
Date: Thu, 05 Dec 2013 05:44:09 -0000
Reply-to: Bug 1045123 <1045123@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Hugh has pointed out via IRC that for a dev or admin who wants to
manually assign a password, you could do this:

1. Use the "Add User" page to add a user.

2. The next page load takes you to their Account Settings page, and you
can manually set their password there.

So maybe eliminating the password field altogether is a good idea after
all. :)

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
Matching subscriptions: Subscription for all Mahara Contributors -- please ask on #mahara-dev or mahara.org forum before editing or unsubscribing it!
https://bugs.launchpad.net/bugs/1045123

Title:
  don't send out password for admin created users

Status in Mahara ePortfolio:
  Triaged

Bug description:
  When an admin creates a user with a set password. It should be assumed that this password is delivered to the user out of band, and shouldn't be sent in clear text.
  If the password field is left blank, we should treat that the same as if we just finished a registration, the user gets a one time URL to click on which forces them to set a password.

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1045123/+subscriptions

References

[Bug 1045123] [NEW] don't send out password for admin created users
From: Hugh Davenport, 2012-09-02