We recently set up a master password-policy and expected the flag
"Require existing members to change their passwords" to enforce noncompliant users to update their password on the next login (as documented here)
This does not apply: Our testuser with a noncompliant password can still log in and no enforcement takes place. The new master password policy will only apply when user tries to change his password.
We are using Version 1.30.5
To Reproduce
Disable any master password policy
Create new user
Invite user to organisation
Enable password policy including flag "Require existing members to change their passwords"
We recently set up a master password-policy and expected the flag "Require existing members to change their passwords" to enforce noncompliant users to update their password on the next login (as documented here) This does not apply: Our testuser with a noncompliant password can still log in and no enforcement takes place. The new master password policy will only apply when user tries to change his password. We are using Version 1.30.5
To Reproduce