bobstheword Posted May 24, 2019 Share Posted May 24, 2019 Hi, Currently if a user wishes to change their password through the authentication options screen in preferences they just need to enter the new password. It would be much more secure if they had to enter their existing password in a text box above where they enter their new password. This would stop situations where someone is left logged in but walks away from their computer (which shouldn't happen of course ), another person comes along and changes their password and can then access the system from another computer. Best practice is to always ask for the existing password before allowing a password change. If the person changing the password doesn't know their existing password they need to talk to a security admin to reset it for them. Thanks. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now