Current password is pre-populated in password reset screen
SummaryWhen a user's password expires, they are redirected to password reset screen. "Current Password" is populated with the long encrypted password value.
If the user does not manually clear it before entering the Current password, the section fails validation.
Steps to Reproduce1.Allow users password to expire.
2.Log into the application.
The issue is due to the defect in the Pega rules or code.
Before displaying change password section, operator instance is opened and hence the value is pre-populated, the property pyPwdOld is of type Password so its displayed in encrypted form.
On installing the hotfix, the field will be displayed as blank and user has to enter the current password.
Published October 26, 2016 - Updated November 8, 2016