Forum OpenACS Q&A: Recover password doesn't allow 'CanRetrieve' in 'local' authority
My question is about the way the system sends you an email after hitting the 'Forgot your password' link in the main login page. I would like the system sends the actual password of the user instead the automatic generation of a new one.
I thought it would be a parameter in acs-subsite like 'RegistrationProvidesRandomPasswordP' but I didn't find it. I've seen the call to 'auth::password::recover_password' but since I've never used before the authentication package I don't know what can I do. Must I create a new service 'CanRetrieve' for the 'local' authority which return 'yes' and the old password or merely update my openACS version or...
-5.x openACS with acs-subsite 5.0.0b4, acs-kernel 5.0.0a5 and acs-authentication 5.0a3.
-AOLserver 4.0 for windows
thanks in advance.
Is it possible to work with unencrypted passwords, saving the plain password in the database, without rewriting the existing code?
and change to not use ns_passwd encription any more ....
though, store plain text passwd is not the best option.