How to configure ERPNext for forcing to user to change his password every certain period of time?

Hi everybody.

Is there a way to configure ERPNext for forcing to user to change password every certain period of time?

For example, every month (or week or every 3 months) when user login to ERPNext, it displays to the user a window with the message about it is required to change his password.

Thanks in advanced

@fabyc,

No, currently there is no configuration available, Please create the github issue for this feature or you can send the pull request to frappe repo :slight_smile:

Hi @makarand_b

Done.

Issue: Forcing to user to change his password every certain period of time · Issue #4009 · frappe/frappe · GitHub

Maybe some of these password policies I found, can be considered:
https://goo.gl/JECs1M

Thank you very much

Hello everyone, I wanted to share a link relevant to passwords:

Which basically recommends:

  • No composition rules
  • No password hints.
  • People set password hints like rhymes with assword when you allow hints
  • Knowledge-based authentication (KBA) is out
  • No more expiration without reason.

I am not trying to avoid this feature in ERPNext, but be careful when activating it :slight_smile:

Regards!