zorn-v / nextcloud-social-login

GNU Affero General Public License v3.0

Question regarding discord login & passwords #433

Closed Claiyc closed 11 months ago

Claiyc commented 11 months ago

Hi there! I recently enabled social login with discord, including group mapping. First of all, it works like a charm, nice work!

Regarding my question: What is the nextcloud user password that is being set for newly created users that logged in via discord? The reason I'm asking is that I need to make sure that there is no chance that any user that previously used discord for login can configure a "normal" nextcloud user password (because from my understanding they would then be able to log in even after they left the discord / got kicked from the discord group).

So essentially what I'm concerned about is that a user may fetch the nextcloud login password during discord application authorization and use that for non-social login / to set a new password (if for example the Discord OAuth Token is what social login sets as password).

Thanks in advance!

zorn-v commented 11 months ago

On user creation there is a random password which is not saved anywhere. But the user can change the password via the "forgot password" nextcloud feature.

Claiyc commented 11 months ago

Alright, if it's random I'm relieved. I have disabled the "forgot password" feature, so that shouldn't be a problem.

Thanks!