Enforce password change on next login

Version 1.542

Feature
Unfinished

Change to better support GDPR, where DA will require the User to change their passwords after logging in, if the previously set value is too old. Related thread: http://forum.directadmin.com/showthread.php?t=56369 Will base the age on the date of the file: /home/user/.shadow If that's older than X days, next login will show a password change required. Login keys and CMD_API calls will be excluded from the enforcement. Internal directadmin.conf default: force_password_change=0 where 0 is disabled, default. You can also use: force_password_change=-1 where a negative 1 value implies, an immediate change is required, but once set, it won't be asked again. If you use this, the user.conf option will be set. Internally, DA will check the setting in seconds, which isn't too useful, but you will be able to set it to something like: force_password_change=90d force_password_change=6m force_password_change=2y for example, and DA will swap that around internally as it's loaded in. ---- The variable can be overridden in the user.conf (possibly GUI to come) to allow per-User vs global control to differ from each other. Just add force_password_change_after with the desired value to the user.conf. This variable must then be included in the backup/restore options, as a server set to -1 would require a password reset immediately after a restore creation. But should be there anyway in case there is an override.

Interested to try DirectAdmin? Get a 30-day Free Trial!