Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-53910

User can't recover his password if their account is locked by a Password Policy and the defined lockout time is reached

    Details

      Description

      1. Enable the default password policy setting

      • Local enabled
      • Maximum Failure - 3
      • Reset Failure Count - 5 minutes
      • Lockout Duration - 5 minutes

      2. Create an user1 with the password user1. After activate the account doing a first login, make logout and try to login several times using an erroneous password, eg. otherpassword
      3. Once you get the message This account is locked until 3/2/15 2:30 PM. Please wait until the unlock date or contact an administrator to have this account unlocked. , wait for 10 minutes (in my case until 2:35 PM) and try to recover the password clicking in the link Forgot Password
      4. Type the email address and the text verification, and click in the next button.

      Result This account is locked until 3/2/15 2:30 PM. Please wait until the unlock date or contact an administrator to have this account unlocked.

      Expected You get the reminder query and you are allowed to continue with the password recovery process.

        Attachments

        1. fixed.png
          fixed.png
          21 kB
        2. reproduced.png
          reproduced.png
          21 kB

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Days since last comment:
                  4 years, 20 weeks, 4 days ago

                  Packages

                  Version Package
                  6.2.4 CE GA5
                  6.2.X EE
                  7.0.0 M5