Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Issue with Crowd 3.2.3 caching expired passwords

Thomas Reddock
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
January 2, 2020

We've recently noticed that when a user changes his password, the expired password still works for up to an hour after the change.

We're using crowd 3.2.3 with a Microsoft Active Directory ldap user directory. Crowd is behind a reverse proxy. The Directory is using pretty much default settings.

Is there any setting I can change to stop this security hole?

0 answers

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events