New functionality, enabled by default: email_show_last_password_change=1 Where anytime an email password is changed, either through DirectAdmin GUI (CMD_EMAIL_POP, CMD_API_EMAIL_POP, CMD_CHANGE_EMAIL_PASSWORD, etc), the time and IP will be saved into: /etc/virtual/domain.com/last_password_change/user in the format: ip=1.2.3.4&when=1535140911 --------- If the above setting is set to 1, then for Enhanced, the hover-over usage will include this information. If no password change has been made after this feature is present, no info will be shown. --------- JSON will also include the "last_password_change" array, similar to the "last_login" array, again only if present (known). Absence of data does not imply it has not been recently changed (we don't know when DA was last updated). So if you want to use this information to enforce a password change every 6 months (for example), we can only guarantee that the absence of data is more than 6 months, after using this feature for 6 months. But a client can just reset their password to the same value again (if they wish) to update this time, and have it be shown. Sample JSON output from CMD_EMAIL_POP: "5": { "account": "fred", "login": "fred", "usage": { "apparent_usage": "23.374", "imap_bytes": "51482624", "last_login": { "ip": "1.2.3.4", "when": "1535136909" }, "last_password_change": { "ip": "1.2.3.4", "when": "1535140911" }, "quota": "100", "usage": "49.097", "webmail_bytes": "23" }, "sent": { "send_limit": "42", "sent": "0" }, "suspended": "no" }, ===== CMD_EMAIL_ACCOUNT_QUOTA will also include the "when" portion of the data, and will show up as a new variable: last_password_change=1535140911 which could be used by things like the RoundCube quota plugin to force a password update (in theory, the RC plugin does not currently force a password reset)