Uploaded image for project: 'OpenMRS Core'
  1. OpenMRS Core
  2. TRUNK-5425

Allow a user to request for a password reset via email

    XMLWordPrintable

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Should
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: Platform 2.2.0
    • Component/s: None
    • Labels:
      None
    • Complexity:
      Medium

      Description

      User accounts in the OpenMRS Platform are secured with password hashes and salt; however, because OpenMRS did not historically include the ability to send email, the process for resetting password has been less than ideal. Currently, an administrator sets a temporary password or a user answers their "secret question" (a question and answer set the user previously provided). A medical record system should have a stronger approach to password security and not even an administrator should ever know a user's password (even temporarily). The current approach also puts an undue burden on administrators to reset passwords for users who have forgotten them.

      For more details see the GSoC 2018 project page

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              harisu harisu fanyui
              Reporter:
              wyclif Wyclif Luyima [X] (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: