Prevent possibility of password fraud when super-admin creates a user account

techforfuture


What is the need / problem

The SuperAdmin user should not be able to see, change or reset the user’s password. If they need to reset their password they can do it themselves.

Who does it impact

All users created by a super admin.

What is the current impact of this problem

Setting a password as admin always comes with the problem of how to communicate that password to the user. In most cases it’s sent via email, which is not a secure medium. The password is likely to end up on several computers (the sender, the mail servers, the receiver, backups) and is stored in plain text.
The admin can set a temporary password that has to be changed by the user, but most users don’t do it.

What is the benefit in focusing on this

Improving security for users.

Links to more details

Potential solutions that will solve this problem

OFN sends a link out to validate the email address and let the user set the password at the same time (when they click that link they should be prompted to set a password)
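As an added illustration (not part of the original post and not OFN's own code), this is how the proposed flow can be implemented so that the admin never sees or sets a password: the raw invite token goes only into the emailed link, the server stores just a hash of it, the link expires, and it can be used exactly once to prove control of the mailbox and set the password. The `InviteStore` class, its in-memory dictionary and the 24-hour lifetime are assumptions made for the example.

```python
import hashlib
import hmac
import secrets
import time

TOKEN_TTL_SECONDS = 24 * 3600  # assumed lifetime of the invite link


class InviteStore:
    """Hypothetical in-memory stand-in for the users table."""

    def __init__(self):
        self.users = {}  # email -> {"token_hash", "expires_at", "password_hash"}

    def create_user(self, email, now=None):
        """Admin creates the account; returns the raw token for the mailer only."""
        now = time.time() if now is None else now
        token = secrets.token_urlsafe(32)  # never shown in the admin UI
        self.users[email] = {
            # only the hash is persisted, so a DB leak does not expose usable links
            "token_hash": hashlib.sha256(token.encode()).hexdigest(),
            "expires_at": now + TOKEN_TTL_SECONDS,
            "password_hash": None,  # no password exists until the user sets one
        }
        return token

    def set_password(self, email, token, new_password, now=None):
        """Called when the user follows the emailed link and submits a password."""
        now = time.time() if now is None else now
        rec = self.users.get(email)
        if rec is None or rec["token_hash"] is None:
            return False  # unknown user, or link already consumed
        if now > rec["expires_at"]:
            return False  # link expired; user must request a fresh one
        presented = hashlib.sha256(token.encode()).hexdigest()
        if not hmac.compare_digest(presented, rec["token_hash"]):
            return False  # wrong token (constant-time compare)
        salt = secrets.token_bytes(16)
        digest = hashlib.pbkdf2_hmac("sha256", new_password.encode(), salt, 200_000)
        rec["password_hash"] = salt.hex() + "$" + digest.hex()
        rec["token_hash"] = None  # single use: the link cannot be replayed
        return True

    def verify_password(self, email, password):
        rec = self.users.get(email)
        if rec is None or rec["password_hash"] is None:
            return False
        salt_hex, digest_hex = rec["password_hash"].split("$")
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), bytes.fromhex(salt_hex), 200_000)
        return hmac.compare_digest(candidate.hex(), digest_hex)
```

Clicking the link proves the address is reachable and sets the password in one step, which is the behaviour the proposal above asks for.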