Account Settings > Security and Privacy

[Johno2518]

Hi,

 

Does anyone know how to remove the section highlighted in green? Since I'm only allowing an OAUTH IDP login, entering a password is not necessary?

 

Thanks

[Johno2518]

NOTE: This is only visible for existing users that then login with the OAUTH IDP (linking the IPS account with the IDP account).

A new user logging in does not see the highlighted section, they just see the Sign In button for re-authentication as shown below. Presumably this requires clearing the password (AdminCP shows a "Set Password" button for a new user) but I don't see any obvious way of doing so via AdminCP.

[Marc]

You cannot remove that without modification. IF they have set  a password within the invision platform, they would need to enter it to get to the security and privacy section.

[Johno2518]

@Marc is there a way to clear the password of user accounts in the AdminCP? I haven't seen anything in there.

[TDBF]

1 minute ago, Johno2518 said:

@Marc is there a way to clear the password of user accounts in the AdminCP? I haven't seen anything in there.

You can do this via the ACP members, and force a Password Reset. Button next to the green one.

[Johno2518]

@TDBF I wasn't sure if that actually cleared the password, however, it also emails the users which is not something I wanted trigger.

[Johno2518]

[Marc]

Yes, it would indeed send them a password reset. There is nothing built in that would achieve what you are looking to do here, as they are not intended to be removed

[Johno2518]

@Marc thanks for confirming! The problem here is converting from a local IPS account to using an IDP only which makes the password irrelevant for members. I can understand for admins having both is a must in case of configuration issues (or just having local account only for break glass scenarios).

I assume having the ability to "Clear Passwords" would be a feature request.

In terms of doing that now, I assume the only way is to run a DB query. Are there any gotcha's I need to be aware of or is it simply a case of checking a new user account with existing accounts and see what the difference is (i.e. is it just a cleared password field)?

[Marc]

Without having tested doing this, there is no way I am able to say if it will cause any issues unfortunately. Simpy as its not something we have tested doing. All I can advise is testing this with a copy of your site, or at least being in a position to restore back if you test it on your live site

[Johno2518]

Not a problem, I got it sorted.

I created a test member account setting it with a password. Setting the "members_pass_hash" and "members_pass_salt" fields to null for the test member in the core_members table resulted in the AdminCP showing "Set Password" as the option. The Security and Privacy section now requests Sign In using the IDP to continue.

Everything now as if the user had joined using the IDP login.

[Marc]

Glad to hear you got to where you need to be 🙂