When using SSO, how to avoid users from resetting their password?

Diogo Thomaz shared this question 27 days ago
Answered

We are moving towards restricting user access to the YF platform through our web application and implementing SSO. My question is: as we need to log in users with their username and password, if a user edits their YF account and changes the password, we will not be able to log in the user again as we will not know the password... What can we do to prevent users from changing their passwords?

Comments (6)


Hey Diogo,

I hope you are well!


Just to clarify, are you referring to the user's first login OR the user having the ability to change their password via their profile settings?

There is a way to hide the user's password settings in the profile settings via the User Administration under Roles, where you will need to enable 'Hide Profile Password'.


Here is what the user sees without the restrictions on the Role -

[screenshot]


Then here is where you enable the restrictions for the user's role -

[screenshot]


And then this is what the user sees after the restrictions; as you can see, they no longer have the ability to change their own password -

[screenshot]


I hope this helps - Please let me know if this is not what you were after!

Best Wishes,

Lesley


Thank you Lesley,

I meant both at first login and later editing the profile.

Basically, if we want to 'control' access to YF using SSO from our web application we need to be the ones that create and use the password for the user. So, we will create the user in YF when the user registers on our App, then we will log the user in when he/she switches to the analytics page (YF) and so we need to be the ones that 'know' the user's password.

What you replied is very useful. We will see how it behaves when we first log in to the user's YF account.

Again, thank you!

Diogo


Hey Diogo,

Thanks for your response :)


Ok so, I believe when a user first signs in, they will be prompted to change their password, and I do not believe there is a way to stop this. However, a way around this is if you would be the first to sign in as that user; then you can change the password to something you know.

As long as the 'Hide Profile Password' is disabled, they will not be able to change their password after this.


Let me know your thoughts on this :)

Best Wishes,

Lesley


Hey Diogo,

I hope you are well :)


I just wanted to check in on this topic to see if you had any further questions about this?


Best Wishes,

Lesley


Hey Diogo,

I hope you are well!


I just wanted to let you know, as there has not been a response, I am going to go ahead and mark this ticket as complete due to inactivity - if you have any further questions about this, please feel free to reopen the post and let me know. I will be happy to help :)


Best Wishes,

Lesley


Yes Lesley, we can close this ticket.

Thank you.

Diogo