AnsweredAssumed Answered

Password Policy + PasswordExpirationEvent

Question asked by Gabriele Rusconi on Mar 7, 2017
Latest reply on Mar 8, 2017 by Andrew Ulliani

Recently a massive set of email notifications with subject "Please reset your current expiring or expired password" has been sent by the system, basically one email per account, all of those the same day to all the users!

 

We find out that the trigger was the combination of Password Policy configuration and the default Email Template: PasswordExpirationEvent associated to default Email Event: PasswordExpirationEvent.

 

In particular in the Password Policy is specify the following:

  • Default policy for all business sources: Yes
  • Password expires in: 60 days
  • Warn users before their password expires in: 5 days

So, by our researches (we di not found any doc that explain in detail the case), the starting date, for all the accounts, from which the system checks the password expire date to notify is the date of creation of the Password Policy object?!

Someone can confirm that?

 

Anyway, where is the stored the value of the Password Expiration Date? In the User or Account object? And, in particular, in which field?

 

Thanks and regards,

Gabriele.

 

 

Outcomes