Hi, i would like to ask if auto required to change password for the first login (user) is something in your pipeline? Since the creation of the user is under Admin, i think its also a best practice to have that when the user’s first login they will be ask to change the password that was assign to them by the administrator, This is also to protect the user that only the user knows their password.
Thanks
Casper
Hi @casper
If you are asking the OpenEMR core developers, you might direct your question to them.
However, from my perspective as long- time support provider to different practices I can say that your suggestion usually is in the domain of office management policies. Plenty of practices would not want it as you describe, they determine their own password reset policy and communicate it with their employees as part of their business’ personnel management.
Thank you @htuck for this, does the office management policies under ACL?
@casper No, office management policies are determined by the office management staff: the members of a practice who decide what tasks will be performed by the practice, who will perform them and how they will be performed.
Got it @htuck i though is this part of Open EMR, is a standard procedure in each members. Our situation right now is that we need to create 1500 user account, and since Admin is the only one can create an account in Open EMR we just predefined each account with generic password across all account so our standard procedure is that once the user login to his/her account they need to change the password, but in reality this will not happened to all 1500 account some may not do a password change during there first login so what i am thinking is that having the system required then to performed a change password during the first login.
Thanks
Casper
Hello, @casper I see, that makes sense.
Have you been able to create all the accounts with the same password already?
If so, you might try experimenting with the Security globals (Main menu: Admin/ Config/ Security tab).
One thing would be to require unique passwords. I think that should force the user to re-set their password when they first login.
Or perhaps change the ‘Default Password Expiration Days’ and the ‘Password Expiration Grace Period’, to remind them to change their passwords for a time before it expired. Though I’m not sure what settings would work properly.
I hope these ideas are useful or lead to a workable solution.
Best- Harley
Hi @htuck actually i created a module for bulk import of user via csv, that’s how we created the 1500 users in the system.
“force the user to re-set their password when they first login” - Correct me if i am wrong, but if you used a password that didnt meet the password requirement that was set in the security page, when the user first login it will ask the user enter a new password that meet the requirements? If yes that’s something i was asking in my other post here, since we are the one who created the password we want the system to flag the user to change the password on his/her password on the first login so that the user alone knows his/her password.
thanks
Casper
Hi @casper
Welllll, that’s the idea but the mechanics of the process are above my dev skills.
I do not know if inserting the password into the database without going through the password encryption process will throw an error or simply make it require the user to reset.
It will be interesting to see how that works for you!
Best- Harley
Hi @htuck are you referring to the bulk user importer? If yes using the custom module i created it still used the native password encryption process and still used the same process in creating a user in the user/group panel, the only difference is that it has a predefined csv template with all the necessary field during importing it will automatically mapped/insert the data to all the table needed on the user creation, which is quite complicated since it evolve multiple table. I’ll do another version on this (currently this is only for us) improve it and maybe i could introduce this as part on Open EMR, since i already created this as a module.
