You must log in or register to comment.
Any system I’ve ever used that expires passwords, forces you to set a new one upon logging in with the expired one.
It doesn’t just lock you out and expect you to figure out on your own that you’ve gotta reset it via the ‘forgot your password’ link.
Those systems are well designed (save for the part that they’re using password expiry)
There are a lot more shitty programmers out there than good ones
Oh, Microsoft Active Directory does this, when you log in via a method that doesn’t allow changing the passwords (e.g. VPN login over RADIUS).
