Still can authenticate with previous password on PWM Login page.
25 views
Skip to first unread message
Linu
Jun 12, 2024, 3:56:09 AMJun 12
to pwm-general
Example, previous password is '1234' but current password is '5678'.
When i try to authenticate with '1234' on LDAP, not authenticated. only '5678' is working cause current password is '5678'.
But, when i try to authenticate with '1234' on PWM login page. it was still working and '5678' also work.
I can't understand this situation and tried to find option. can't find any option like 'Previous Password Allowed' or 'Can authenticate with old password'.
I want get some help for this problem.
Thank you.
When i try to authenticate with '1234' on LDAP, not authenticated. only '5678' is working cause current password is '5678'.
But, when i try to authenticate with '1234' on PWM login page. it was still working and '5678' also work.
I can't understand this situation and tried to find option. can't find any option like 'Previous Password Allowed' or 'Can authenticate with old password'.
I want get some help for this problem.
Thank you.
Jason Rivard
Jun 13, 2024, 8:04:21 AMJun 13
to pwm-general
PWM doesn't store passwords, so it's the LDAP server your using that accepts or rejects an authentication password. You didn't mention which LDAP server your using, but I'm guessing it's AD because it's an AD behavior to let old passwords work for up to an hour after changing.
Reply all
Reply to author
Forward
0 new messages