As part of my organisation's security policy, I require my users to update their passwords periodically.
My objective is to alert them that their password has expired when they login via the Sitefinity admin page and then direct them to change their password.
I've been reading this forum about creating an expiry date for registered users.
My plan is to:
1. Create a field called ExpiryDate under the section User Details
2. Set a default date to display in the field when creating a user. Example DateTime.Now.AddDays(60).
3. When the user logins via the Sitefinity admin page, check ExpiryDate
4. If Expired, redirect the user to a page to update their password
5. Upon submit, the ExpiryDate will be updated
6. In addition, I would like to capture the date/time and username of the change as part of an audit trail
1. I have managed to create a textbox field called ExpiryDate under the section User Details
2. How can I set a default date here? Example DateTime.Now.AddDays(60). Right now, I can manually type in the date and it does save into User MetaInfo.
3. I managed to check ExpiryDate
4a. How can I redirect the user to a change password page?
4b. Do I need to create the change password page or can I use the existing one in Sitefinity? How can I accomplish this?
5. I think I can handle updating the ExpiryDate :)
6. What's your advice on capturing an audit trail?
I know it's a whole bunch of questions but I've reading the forum over the past week and I'm still stuck.
Really appreciate your advice so that I can make progress.
Thanks a lot!