Basecamp Export

From the list: Post-launch issues

✔ Resolve issues with automatic password expiry field

Morgan M. added this on Apr 07, 2021
Completed Jul 09, 2021 by Morgan M.

Assigned to

Harsh P.

Notes

Automatic Password Reset: similar to the legacy application, when the automatic password reset options are enabled on a user account:

image.png 82.3 KB • Download

the user will receive an email 7 days before the expiration date that their password needs to be reset. When the expiration date is reached, however, rather than change the account to "Expired" status, the account will be changed to "Non Active" status. Also, resetting the password after the expiration date will no longer reactivate the account, and the admin user will need to manually reactive the account by changing the status from "Non Active" to "Active (Subscriber)". However, because this restores the existing credentials without updating the password, the admin user will need to manually update the Password Expiry Date to a week later so that the user will receive the email to update their password. We need to change the requirements so that the user will be able to reactivate the account by updating the password, and there should be an ability for the admin user to manually resend the user the password reset notification email.

Harsh

,

Further to the issue concerning the automatic password reset function described above in item#3. Would it be possible for you to export a list of user within app.islg that includes data on whether the automatic password reset function is enabled on the account and the data on when the password reset is set to expire?

image.png 85.5 KB • Download

I've tried getting this data through the export use list function: https://app.investorstatelawguide.com/Admin/Subscriber/Index

image.png 92.8 KB • Download

but this didn't include data related to the automatic password reset fields:

ISLG_UserList_2021-04-06_07-13-30_CurrentUsers.xlsx 194 KB • Download

Ideally this list would include three more columns for the following:

Automatic Password Reset: Yes/No
Frequency: Every 6 months/Once per year
Password Expiry Date: Date

We are going to use this to audit these users and update the account to ensure they do not expire until we make changes to the requirements for the automatic password features in the weeks ahead.

Thanks,

Morgan

Comments & Events

Harsh Parikh, Tech Lead

Morgan

,

We are working on to include following 3 fields in excel and PDF report for User data.

Automatic Password Reset: Yes/No
Frequency: Every 6 months/Once per year
Password Expiry Date: Date

We will release this change in next build on app.islg.

Apr 08, 2021 at 6:38 AM Notified 4 people

Morgan Maguire, CEO

Note that I've modified the to-do above to focus on the issues concerning automated password resets, and have create new to-do's for the other issues.

Apr 09, 2021 at 7:27 PM Notified 7 people

Morgan Maguire, CEO

Harsh

,

Following-up on above, could you please provide us with the report requested so that we can audit and ensure more accounts are not disrupted by the problems with the automatic password reset functions.

Please send this as soon as possible. Note all we need is a list of all the accounts on the system that have the automatic password reset function enabled (along with the frequency and expiry date) and then we can make the appropriate edits to the accounts that are going to have their passwords expire over the next 4 weeks.

This is just a stop-gap measure to prevent further passwords from expiring until we figure out a solution to how the password reset function operates (more below).

Thanks,

Morgan

Apr 12, 2021 at 10:24 PM Notified 7 people

Morgan Maguire, CEO

Harsh

,

Aside from the requested report above, we need to come up with a solution to this current automatic password reset function. Ideally, I would like to integrate the same system we have in the legacy app, but here is modified solution to resolve the problem for our current purposes:

The automatic password reset function is enabled and a date is entered into the Password Expiry Date field:

image.png 51.1 KB • Download
7 days prior to the date entered into the Password Expiry Date field, an automated email is sent to the user indicating that their account is going to expire in 7 days and will become inaccessible if their password is not updated (currently in requirements).
Assuming the user does not reset their password, when the date entered into the Password Expiry Date field is reached, the user account status changes to Non Active and the user is sent another automated email indicating that their password has expired, and that they will need to reset their password to regain access (currently in requirements).

image.png 64.5 KB • Download
PROBLEM: When the user selects the Reset my password link after the accounts has changed to Non Active status and updates the password, the password successfully resets, but the user account status does not change back to Active (Subscriber) status.
SOLUTION: Assuming the password has expired and the user account is Non Active, if the user selects the Reset my password link in the email and successfully resets their password, this should also automatically change the status of the user account to Subscriber (Active).

Thanks,

Morgan

Apr 12, 2021 at 10:41 PM Notified 7 people

Morgan Maguire, CEO

Harsh

,

Following-up on your post above: Re: Resolve issues with user management system - TOLOGIX - ISLG App Rebuild, do you know when we can expect the report?

Thanks,

Morgan

Apr 19, 2021 at 7:05 PM Notified 7 people

Morgan Maguire, CEO

Harsh

,

Following-up again on above, can you please provide us with the report requested above as soon as possible? We had another issue with an account this morning, where the password expired, the user attempted to reset the password and their access is blocked because the account did no reactivate. We need the report so that we can identify which which accounts have passwords that have expired or are going to expire so that we can adjust their accounts until we implement the other requirements in this to-do.

Thanks,

Morgan

Apr 30, 2021 at 6:01 PM Notified 7 people

Harsh Parikh, Tech Lead

Morgan

,

You can able to see following 3 columns on app.islg when you will download User data from User Tab.

Automatic Password Reset: Yes/No
Frequency: Every 6 months/Once per year
Password Expiry Date: Date

May 03, 2021 at 10:48 AM Notified 7 people

Morgan Maguire, CEO

Great. Thanks

Harsh

Marysia

, attached is user list filtered by the accounts that have accounts that have the automatic password field enabled and the password has either expired or is going to expire over the next month. Could you please audit these accounts so that we can avoid continued problems with this issue until

Harsh

implements the changes requested above.

ISLG_UserList_2021-05-03_01-20-21_CurrentUsers.xlsx 278 KB • Download

Thanks,

Morgan

May 03, 2021 at 5:30 PM Notified 7 people

Harsh Parikh, Tech Lead

Morgan

,

This change has done on tsgaing.islg. Please check and confirm.

Jun 14, 2021 at 11:19 AM Notified 7 people

Morgan Maguire, CEO

Great. Thanks

Harsh

. I've setup a test on staging.islg, and I'll report back on the results in the days ahead.

Morgan

Jun 14, 2021 at 9:22 PM Notified 7 people

Morgan Maguire, CEO

Harsh

,

Further to the video below, so far I have found two issues with this to-do:

7 days prior to the expiry date for the password reset, I did not receive an automated email indicating that I needed to reset my password.
When the expiry date was reached, the account did not change to non-active state and I did not receive an automated email indicating that my password expired and that I would need to reset the password to reactive the account.

Thanks,

Morgan

Automatic password reset (16-Jun-21).mp4 4.97 MB • Download

Jun 16, 2021 at 5:09 PM Notified 7 people

Harsh Parikh, Tech Lead

Morgan

,

Above both issues are resolved on staging.islg. Please check and confirm.

Jun 17, 2021 at 11:09 AM Notified 7 people

Morgan Maguire, CEO

Ok. I'll setup some more tests, but I probably won't get results back until tomorrow evening, because I can select today's date as the expiry date.

Morgan

Jun 17, 2021 at 8:52 PM Notified 7 people

Morgan Maguire, CEO

Harsh

,

Further to the video below, I'm still experience the following problems:

Testing account: morganmaguire@gmail.com: when password expiry date is reached, the account is not changing to non-active status and the user is not receiving the automated emails indicating that their account has been deactivated and that they will need to reset their password to reactivate the account
Testing account: mmaguire@tologix.com: when the password expiry date is within 7 days of expiring, the user is not receiving an automated email indicating that their password will expiry in 7 days and that they need to reset the password on the account.

Thanks,

Morgan

Problems with automated passowrd reset (23-Jun-21).mp4 5.23 MB • Download

Jun 24, 2021 at 12:20 AM Notified 6 people

Harsh Parikh, Tech Lead

Morgan

,

The issue is resolved. you can get Password Expiry mail at 11:40 PM and Password reminder notification at 11:30 PM Server time.

Please check and confirm.

Jun 24, 2021 at 9:14 AM Notified 6 people

Morgan Maguire, CEO

Ok. Thanks

Harsh

. I've setup tests and let you know the results tomorrow.

Morgan

Jun 24, 2021 at 2:39 PM Notified 6 people

Morgan Maguire, CEO

Harsh

,

Everything worked well on this test. To-do complete. Please deploy to production during the next deployment window.

Thanks,

Morgan

Jun 25, 2021 at 4:05 AM Notified 6 people

Harsh Parikh, Tech Lead

Morgan

,

This task is already deployed on app.islg.

Jul 09, 2021 at 5:19 AM Notified 6 people

Morgan Maguire completed this to-do.

Jul 09, 2021 at 4:42 PM