How to Force All Users to Change Their Password
Crowd currently does not have a feature for administrators to force all of the users or users from a specific directory to change their password. In order to force a user to change their password, Crowd administrators have to do the following for each user:
- Navigate to Users
- Find the user
- Select 'Attributes'
requiresPasswordChangeparameter to "True".
As you can see, following the steps above for every user can get tedious. There is a feature request created for this at
CWD-3332Getting issue details...
, but in the meantime, you can set
requiresPasswordChange to "True" for all users via the database by following the steps below.
- Create a database backup of your Crowd instance, as a safety precaution
Execute the following SQL and take note of the directory ID that the newly imported users were imported from:
SELECT * FROM cwd_directory;
Using the the directory ID, execute the following SQL query:(!) This will force all users from the directory to change their password
UPDATE cwd_user_attribute SET attribute_value = 'true' WHERE attribute_name = 'requiresPasswordChange' AND directory_id = <INSERT DIRECTORY ID>;
Once the SQL is executed, users will be prompt to change their password via the Crowd Console
Note: This solution only applies to users in the Crowd Internal Directory who log into Crowd. This solution does not apply to users who are part of an external directory or to any user synchronized to a client application of Crowd.