starred/lldap-lldap
1
0
Fork 0
mirror of https://github.com/lldap/lldap.git synced 2026-04-25 08:15:52 +03:00
Code Issues 101 Projects Releases 10 Packages Wiki Activity

[GH-ISSUE #362] Forgot Password feature request #138

New issue
Closed
opened 2026-02-27 08:15:27 +03:00 by kerem · 6 comments
kerem commented 2026-02-27 08:15:27 +03:00
Owner
Copy link

Originally created by @zer0ish on GitHub (Nov 1, 2022).
Original GitHub issue: https://github.com/lldap/lldap/issues/362

Hello,

Would it be possible to add a Forgot password option that would use a 3or more question answer system?
This would be similar to the Freemium based windows tool "ADSelfService Plus"
For context it would work something like this:

  1. Admin creates the account and provides the account info and PW reset page to change the default password.
  2. User has to go to the lldap site logging in with the admin set password.
  3. Once logged in, user is asked to sets their 3 or more questions(based on a provided list) and answers.
  4. User is then prompted to set their new password.
  5. If user forgets their password they must answer all the questions. Since this is a question based system I think forcing them to answer all of them instead of just one is better for security.

I have users who always forget their password and as an admin I don't like having to reset it every week.

Originally created by @zer0ish on GitHub (Nov 1, 2022). Original GitHub issue: https://github.com/lldap/lldap/issues/362 Hello, Would it be possible to add a Forgot password option that would use a 3or more question answer system? This would be similar to the Freemium based windows tool "ADSelfService Plus" For context it would work something like this: 1. Admin creates the account and provides the account info and PW reset page to change the default password. 2. User has to go to the lldap site logging in with the admin set password. 3. Once logged in, user is asked to sets their 3 or more questions(based on a provided list) and answers. 4. User is then prompted to set their new password. 5. If user forgets their password they must answer all the questions. Since this is a question based system I think forcing them to answer all of them instead of just one is better for security. I have users who always forget their password and as an admin I don't like having to reset it every week.
kerem closed this issue 2026-02-27 08:15:27 +03:00
kerem commented 2026-02-27 08:15:28 +03:00
Author
Owner
Copy link

@nitnelave commented on GitHub (Nov 1, 2022):

There's a forgot password option with emails, that's easy to use, have you
tried that?

Security questions are in general terrible for security.

On Tue, 1 Nov 2022, 21:51 zer0ish, @.***> wrote:

Hello,

Would it be possible to add a Forgot password option that would use a 3or
more question answer system?
This would be similar to the Freemium based windows tool "ADSelfService
Plus"
For context it would work something like this:

  1. Admin creates the account and provides the account info and PW
    reset page to change the default password.
  2. User has to go to the lldap site logging in with the admin set
    password.
  3. Once logged in, user is asked to sets their 3 or more
    questions(based on a provided list) and answers.
  4. User is then prompted to set their new password.
  5. If user forgets their password they must answer all the questions.
    Since this is a question based system I think forcing them to answer all of
    them instead of just one is better for security.

I have users who always forget their password and as an admin I don't like
having to reset it every week.


Reply to this email directly, view it on GitHub
https://github.com/nitnelave/lldap/issues/362, or unsubscribe
https://github.com/notifications/unsubscribe-auth/AAGCPWMRM6F5VSODBFECKNTWGF7ELANCNFSM6AAAAAARUNYYUY
.
You are receiving this because you are subscribed to this thread.Message
ID: @.***>

<!-- gh-comment-id:1299231423 --> @nitnelave commented on GitHub (Nov 1, 2022): There's a forgot password option with emails, that's easy to use, have you tried that? Security questions are in general terrible for security. On Tue, 1 Nov 2022, 21:51 zer0ish, ***@***.***> wrote: > Hello, > > Would it be possible to add a Forgot password option that would use a 3or > more question answer system? > This would be similar to the Freemium based windows tool "ADSelfService > Plus" > For context it would work something like this: > > 1. Admin creates the account and provides the account info and PW > reset page to change the default password. > 2. User has to go to the lldap site logging in with the admin set > password. > 3. Once logged in, user is asked to sets their 3 or more > questions(based on a provided list) and answers. > 4. User is then prompted to set their new password. > 5. If user forgets their password they must answer all the questions. > Since this is a question based system I think forcing them to answer all of > them instead of just one is better for security. > > I have users who always forget their password and as an admin I don't like > having to reset it every week. > > — > Reply to this email directly, view it on GitHub > <https://github.com/nitnelave/lldap/issues/362>, or unsubscribe > <https://github.com/notifications/unsubscribe-auth/AAGCPWMRM6F5VSODBFECKNTWGF7ELANCNFSM6AAAAAARUNYYUY> > . > You are receiving this because you are subscribed to this thread.Message > ID: ***@***.***> >
kerem commented 2026-02-27 08:15:28 +03:00
Author
Owner
Copy link

@zer0ish commented on GitHub (Nov 1, 2022):

Sorry I think I just noticed the issue.
I'm just getting into Unraid to move away from my resource heavy windows servers and the unraid version of this is on LLDAP version 0.4.2-alpha

So I guess the the new version 3? has more options that I am not seeing in the unraid version.
I believe it's someone else that put it on unraid. Wish that version would be updated.
I suppose this can be closed since even if you did add the request(whihc I agree email is better), it wouldn't be updated from the install I have in unraid.

<!-- gh-comment-id:1299247494 --> @zer0ish commented on GitHub (Nov 1, 2022): Sorry I think I just noticed the issue. I'm just getting into Unraid to move away from my resource heavy windows servers and the unraid version of this is on LLDAP version 0.4.2-alpha So I guess the the new version 3? has more options that I am not seeing in the unraid version. I believe it's someone else that put it on unraid. Wish that version would be updated. I suppose this can be closed since even if you did add the request(whihc I agree email is better), it wouldn't be updated from the install I have in unraid.
kerem commented 2026-02-27 08:15:28 +03:00
Author
Owner
Copy link

@nitnelave commented on GitHub (Nov 1, 2022):

The password reset function is much older, it was already in v0.1, and it
definitely is in the unraid version. Maybe you didn't set it up for sending
emails, though?

On Tue, 1 Nov 2022, 22:44 zer0ish, @.***> wrote:

Sorry I think I just noticed the issue.
I'm just getting into Unraid to move away from my resource heavy windows
servers and the unraid version of this is on LLDAP version 0.4.2-alpha

So I guess I the new version 3? has more options that I am not seeing in
the unraid version.
I believe it's someone else that put it on unraid. Wish that version would
be updated.
I suppose this can be closed since even if you did add the request(whihc I
agree email is better), it wouldn't be updated from the install I have in
unraid.


Reply to this email directly, view it on GitHub
https://github.com/nitnelave/lldap/issues/362#issuecomment-1299247494,
or unsubscribe
https://github.com/notifications/unsubscribe-auth/AAGCPWIJ723BG67VI5JVNZTWGGFLBANCNFSM6AAAAAARUNYYUY
.
You are receiving this because you commented.Message ID:
@.***>

<!-- gh-comment-id:1299308653 --> @nitnelave commented on GitHub (Nov 1, 2022): The password reset function is much older, it was already in v0.1, and it definitely is in the unraid version. Maybe you didn't set it up for sending emails, though? On Tue, 1 Nov 2022, 22:44 zer0ish, ***@***.***> wrote: > Sorry I think I just noticed the issue. > I'm just getting into Unraid to move away from my resource heavy windows > servers and the unraid version of this is on LLDAP version 0.4.2-alpha > > So I guess I the new version 3? has more options that I am not seeing in > the unraid version. > I believe it's someone else that put it on unraid. Wish that version would > be updated. > I suppose this can be closed since even if you did add the request(whihc I > agree email is better), it wouldn't be updated from the install I have in > unraid. > > — > Reply to this email directly, view it on GitHub > <https://github.com/nitnelave/lldap/issues/362#issuecomment-1299247494>, > or unsubscribe > <https://github.com/notifications/unsubscribe-auth/AAGCPWIJ723BG67VI5JVNZTWGGFLBANCNFSM6AAAAAARUNYYUY> > . > You are receiving this because you commented.Message ID: > ***@***.***> >
kerem commented 2026-02-27 08:15:28 +03:00
Author
Owner
Copy link

@zer0ish commented on GitHub (Nov 1, 2022):

Here is a screen shot of the options I have in unraid to edit:
https://drive.google.com/file/d/1gauJ4bMy-TnQBkxT2w-FVvNURWs2oeW1/view?usp=share_link

And this is all I have for when I'm in the webgui:
https://drive.google.com/file/d/1wLK9yREALyw4g0xLZ-HpU2CcQtkADVJ4/view?usp=share_link

I'm new to unraid, but I really don't see any options for setting this up.

<!-- gh-comment-id:1299326529 --> @zer0ish commented on GitHub (Nov 1, 2022): Here is a screen shot of the options I have in unraid to edit: https://drive.google.com/file/d/1gauJ4bMy-TnQBkxT2w-FVvNURWs2oeW1/view?usp=share_link And this is all I have for when I'm in the webgui: https://drive.google.com/file/d/1wLK9yREALyw4g0xLZ-HpU2CcQtkADVJ4/view?usp=share_link I'm new to unraid, but I really don't see any options for setting this up.
kerem commented 2026-02-27 08:15:28 +03:00
Author
Owner
Copy link

@martadinata666 commented on GitHub (Nov 2, 2022):

As the options doesn't show, then you need to manually modify the config.toml. Looking from the images you attached, the config and it friends path is on /mnt/user/appdata/lldap/

<!-- gh-comment-id:1299486584 --> @martadinata666 commented on GitHub (Nov 2, 2022): As the options doesn't show, then you need to manually modify the `config.toml`. Looking from the images you attached, the `config and it friends` path is on `/mnt/user/appdata/lldap/`
kerem commented 2026-02-27 08:15:28 +03:00
Author
Owner
Copy link

@zer0ish commented on GitHub (Nov 2, 2022):

As the options doesn't show, then you need to manually modify the config.toml. Looking from the images you attached, the config and it friends path is on /mnt/user/appdata/lldap/

Thanks for this.
I assumed setting this up was part of the GUI.

<!-- gh-comment-id:1300394401 --> @zer0ish commented on GitHub (Nov 2, 2022): > As the options doesn't show, then you need to manually modify the `config.toml`. Looking from the images you attached, the `config and it friends` path is on `/mnt/user/appdata/lldap/` Thanks for this. I assumed setting this up was part of the GUI.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
dependabot/github_actions/codecov/codecov-action-6
copilot/fix-equality-filters-list-attributes
dependabot/github_actions/docker/build-push-action-7
dependabot/github_actions/docker/metadata-action-6
dependabot/github_actions/docker/setup-buildx-action-4
dependabot/github_actions/docker/login-action-4
copilot/update-download-artifact-action
copilot/fix-opensuse-warnings
copilot/fix-1268
copilot/fix-727
copilot/fix-898
copilot/fix-1256
copilot/fix-1251
copilot/fix-1249
copilot/fix-1206
user-attribute-form
user-ui
group-ui
server-user-attribute-schema
crates
haveibeenpwned
v0.6.2
v0.6.1
v0.6.0
v0.5.0
v0.4.3
v0.4.2
v0.4.1
v0.4.0
v0.3.0
v0.2.0
v0.0.1
Labels
Clear labels   
backend

   
blocked

   
bug

   
cleanup

   
dependencies

   
docker

   
documentation

   
duplicate

   
enhancement

   
enhancement

   
frontend

   
github_actions

   
good first issue

   
help wanted

   
help wanted

   
integration

   
invalid

   
ldap

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
rust

   
rust

   
tests

   
wontfix
No labels
backend
blocked
bug
cleanup
dependencies
docker
documentation
duplicate
enhancement
enhancement
frontend
github_actions
good first issue
help wanted
help wanted
integration
invalid
ldap
pull-request
question
rust
rust
tests
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/lldap-lldap#138
No description provided.