Skip to content

[stable13] Change password expiration time from 12h to 7d#11857

Merged
rullzer merged 1 commit intostable13from
backport/10942/longer-password-reset-time
Oct 17, 2018
Merged

[stable13] Change password expiration time from 12h to 7d#11857
rullzer merged 1 commit intostable13from
backport/10942/longer-password-reset-time

Conversation

@MorrisJobke
Copy link
Member

@MorrisJobke MorrisJobke commented Oct 16, 2018

We use the same logic for creating accounts without a password and there the 12h is a bit short. Users don't expect that the signup link needs to be clicked within 12h - 7d should be a more expected behavior.

Backport of #10942

@MorrisJobke
Change password expiration time from 12h to 7d
7613801 
We use the same logic for creating accounts without a password and there the 12h is a bit short. Users don't expect that the signup link needs to be clicked within 12h - 7d should be a more expected behavior.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
@MorrisJobke MorrisJobke added the 3. to review Waiting for reviews label Oct 16, 2018
@MorrisJobke MorrisJobke added this to the Nextcloud 13.0.8 milestone Oct 16, 2018
@MorrisJobke MorrisJobke mentioned this pull request Oct 16, 2018
Merged
@Knot3n
Copy link

Knot3n commented Oct 16, 2018

i know that its already "approved" but 7 days is a long time for a signup link.

24h to 48h would fit more into it. After that it should be possible to request a new link.
If the comment here does not fit in or is obsolete, then I'm sorry.

@MorrisJobke
Copy link
Member Author

MorrisJobke commented Oct 17, 2018

i know that its already "approved" but 7 days is a long time for a signup link.

24h to 48h would fit more into it. After that it should be possible to request a new link.
If the comment here does not fit in or is obsolete, then I'm sorry.

We get many complains also from businesses where admins send this out and after the weekend the link is invalid. It's also a personalized and quite long token. We are thinking about adding some easy to use reset password links additionally there.

Anyways - thanks for the feedback.

@rullzer rullzer merged commit e3a2b9e into stable13 Oct 17, 2018
@rullzer rullzer deleted the backport/10942/longer-password-reset-time branch October 17, 2018 20:14
@MorrisJobke MorrisJobke mentioned this pull request Nov 13, 2018
Merged
@bpcurse bpcurse mentioned this pull request Nov 16, 2018
Open
@MorrisJobke MorrisJobke mentioned this pull request Nov 22, 2018
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rullzer rullzer rullzer approved these changes

@nickvergessen nickvergessen nickvergessen approved these changes

@juliusknorr juliusknorr Awaiting requested review from juliusknorr

Assignees

No one assigned

Labels

3. to review Waiting for reviews

Projects

None yet

Milestone

Nextcloud 13.0.8

Development

Successfully merging this pull request may close these issues.

4 participants

@MorrisJobke @Knot3n @rullzer @nickvergessen