Password settings

IN erpnext14, My employee can change his password through his user profile. How to avoid this?

Maybe you could have an external authentication provider / SSO?

I’m not sure it’s possible to disable password reset, unless password login is completely disabled.

My personal opinion

If the employee can’t change his/her password, then necessarily someone else has to start the password reset procedure (i.e. a system manager), leading to potential loss of productivity and unnecessary communications (with an increased attack surface for social engineering attacks).

Also, I would advise against a manual control over the passwords of the employees. A password should only be known to a single person, not multiple. Instead, a password policy could be enabled, or an external authentication system could be used.

1 Like