Hello community,
Recently my team faced an issue. We wanted to do some manipulations with Users (AD_User) in our system. We decided to rename some part of the existing Users to prevent people from logging in using their credentials (but records must be left in the system for a history) and to create new set of users, using the old names.
We thought that employees will not see the difference and continue to use the same credentials, but technically it would be a new user accounts.
But, almost every user had an enabled option "remember me". And because of that, everyone was using old renamed AD_User to log in. System built in a such way, that it "remembers" not the Username, but AD_Session_ID with AD_User_ID in it. And the Username automatically would be taken from DB via AD_User_ID and placed in Username field.
What do you think, is it an appropriate way to "remember" credentials? Is it possible to add feature to store only username as a text?
From my point of view, Username it is a part of credentials pair (login + password) and in the case of Username change, no one should now the new one, as it is done with password.
Best regards,