You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@superset.apache.org by GitBox <gi...@apache.org> on 2022/04/02 14:51:19 UTC

[GitHub] [superset] dzar-aker opened a new issue #19498: Need a way to change a forgotten password

dzar-aker opened a new issue #19498:
URL: https://github.com/apache/superset/issues/19498


   **Is your feature request related to a problem? Please describe.**
   When a user forgets their password, there is no way to get into the system to change it. The admin cannot change it, and the user cannot change it without logging in first.
   
   **Describe the solution you'd like**
   There are a few possible solutions:
   
   - Have a "forgot password" link on the login screen that will allow a reset password link to be sent to the user's email address in their account. That link would let them change their password so they could reset it and then log in again.
   - Allow the Admin account to do the same: send a reset password link to the user
   - (Less desirable) Allow the Admin account to reset the password to a known value (as done when setting up the account in the first place). This is a security issue as it allows Admins to change passwords, then people can use the account who should not be able to, then change it, again, for example. But if the above two are not implemented, this is a solution.
   
   **Describe alternatives you've considered**
   As it stands, now, I have to delete the user account and recreate it. This works, but then I also have to set up all of the ownerships that this user had to the new account. So it's a bit of a PITA for many users.
   
   **Additional context**
   This is a necessary feature for this tool to be used in an enterprise setting (meaning allowing anyone but the user who set this up). If we allow even one user who is not an admin into the system, this will happen at some point. Guaranteed!
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org