forced password change not working
I'm getting that screen that says my password needs to be changed. I've now tried four times, and each time it tells me "Sorry, your new password was rejected. Passwords must contain both letters and numbers, must be at least 7 characters long, and must not be the same as the last 4 passwords used. Passwords expire every 90 days, after which you will be prompted to choose a new password."
I'm following the rules but it's still rejecting every new password I put in.
Re: forced password change not working
In my experience that error message appears for exactly the reasons stated. There have been dozens of times people have finally confessed that they were re-using old passwords and didn't believe they'd actually already used it. Once I even got caught using 6 characters and didn't realize it was 6 not 7. And then re-typing it got me too.
I suppose the edge case could be that you've installed some plugin/mod that changed how passwords are handled, and it's malfunctioning.
If you want to just reset the admin user in the database, use: http://www.zen-cart.com/content.php?...admin-password ... that'll give you a very specific admin password, and you'll have to use the Change Password option in your Admin (click the "Account" link beside the "logout" link in top right of Admin screen) to change the password. Or let it expire and change it then.
Re: forced password change not working
Nup, in the end I just made up a nonsense one and it still gave me the same message. They were all at least 7 characters, all had numbers and letters. I'll do it via the database, thanks.
Re: forced password change not working
FWIW, if your store doesn't need to be PCI Compliant, you could upgrade to v155 which allows you to turn off the forced 90-day pwd change.
Re: forced password change not working
What is PCI? That's appealing, turning that forced password reset off. :)
Re: forced password change not working
PCI-DSS - personal cardholder information data security standard.
a "standard" for protecting credit card data.
see:
https://www.pcisecuritystandards.org/pci_security/
Re: forced password change not working
We only do Paypal so I guess we're safe. Thanks.
Re: forced password change not working
I had the exact same problem. Turned out that the issue was not with the new password, but the old password. My browser was autofilling an older password, but I didn't notice because it was shown as *******. I looked up the current password and entered that, and the new password was accepted.
Quote:
Originally Posted by
jenpen
I'm getting that screen that says my password needs to be changed. I've now tried four times, and each time it tells me "Sorry, your new password was rejected. Passwords must contain both letters and numbers, must be at least 7 characters long, and must not be the same as the last 4 passwords used. Passwords expire every 90 days, after which you will be prompted to choose a new password."
I'm following the rules but it's still rejecting every new password I put in.
Re: forced password change not working
I have/had the same problem of login when I first built my 157c and now at first password forced change. I HAD to use the phpMyAdmin to get passwords to reset. I'm positive I had not reused the passwords based on the source I get them. 157c is the only upgrade that I've had this issue with, but thankfully the phpMyAdmin fix works.
Re: forced password change not working
I'm only using PayPal right now, so if this does happen again I'll turn off the expiry in Admin->Configuration->My Store. There's a PA-DSS setting there related to admin pwd expiration.
https://www.zen-cart.com/showthread....ghlight=90-day