Details
Description
When Strong Passwords feature is enabled after a developer account is created, the developer can reset the password without the strong passwords requirements.
Steps to reproduce:
1. In the admin portal disable "Strong Passwords" in Audience > Accounts > Usage rules
2. Create a developer account from the admin or developer portal
3. In the admin portal enable "Strong Passwords" in Audience > Accounts > Usage rules
4. From the Developer Portal, sign in and go to Settings > Users > Edit and update Password and Password confirmation with a password that doesn't match the "Strong Password" requirements. You'll be able to update the password.
Attachments
Issue Links
- is cloned by
-
THREESCALE-5416 Default admin user on Developer Account has no validation of password performed
- Closed