[Admin note: This topic was split from the topic originally posted in as the issue was unrelated]
Today I found your Force Password Change plugin and was very pleased to give it a try. However, I could not make it work properly for pre-existing users that had never logged into Joomla. It was quite odd, so I logged into the hosting provider to verify the Last Login of NEVER (shown in the Joomla back-end) did indeed match up with the all ZEROS entry in the jos_users table. I verified the match and then tried enabling the plugin to see how it works before importing a bunch of new users.
For pre-existing user accounts who had never logged into Joomla, the plugin doesn't work for me. However, if I create a new account AFTER installing the plugin, the redirection works like a charm. Is that by design?
Also, is there any way to prevent the user from re-entering the same password? If not, then I should make the password so cryptic that they will WANT to change it to something else. Good thinking or not?
Thanks for this plugin!! Love it!
I split your topic from the post you originally commented in since that was totally unrelated to what you were asking.
There's nothing in the plugin that 'knows' when a User was created, so there shouldn't be any reason that creating a user after enabling the plugin would have any difference. Our plugin only checks the lastvisitDate column for the user to check that it equals:
If it's anything else (null, blank, any extra spaces before or after), our plugin will NOT fire and not require the user to update their password. I'd recommend looking again at the database rows and make sure that's exactly what the field is for any users imported. If so, even try running a SQL update to force a user to exactly that and try again. It's possible there's something you're not seeing.
In short though, that's the only field we look at, and have no idea of when the user was really created, just when they last logged in.
Finally, for re-entering the same password, nope, no way to do that. We simply force them to change it, but then let Joomla handle the actual update of the password. It's a good idea, but could take a bit of re-jigging to make it work right and without issue.
Hope that all helps, and good luck!