Support Article

Password change screen does not behave correctly

SA-34545

Summary



Changing password screens are inconsistent across the application. There are three areas you can change a password.
1. When prompted on login
2. via profile and
3. via user management.

All three currently behave differently.

When prompted on log if you enter the password wrong the password fields are cleared and a small error icon appears. No error message appears on screen. User has to hover the mouse over this icon to get guidance as to what they have done wrong.

When an agent changes their own password from their profile. If they get the password wrong a pop up appears advising what they have done wrong. Agents have to click ok or close this new window. Also the previously entered password is not cleared.

When changing a agents password in user management. If you enter the password wrong an error message appears however it does not open in a new pop up window. The entered password is not cleared and a longer password is autopopulated in the “confirm new password field”.


Error Messages



Not on screen but screen behavior is incorrect.


Steps to Reproduce



Current Password: autopopulated (ENCRYPTED AND NOT ACCEPTED WHEN SUBMITTING NEW PASSWORD)
New Password: blank
Re-type New Password: blank

When you try to submit your new password you get an error, which does admittedly highlight around the Current Password. It doesn't make clear that this is encrypted.
------------------------------------------------------------------
Test 1
Logged into account. Change password screen appears
Entered a password that didn’t find the minimum password criteria.
All text fields are cleared and an error message is displayed.

Test 2
Opened change password from profile. Clicked change password.
Entered a password that doesn’t fit the minimum password criteria
The below error message is displayed. Click ok.
Old passwords have not been cleared

Test 3
Navigated to update password in user management.
Tried to change password.
Password fields remain populated and confirm new password field has been autopopulated


Root Cause



An issue in the custom application code or rules.

Resolution



Issue 1 :

When prompted on login.(if Password Expires)

Installing HFix-26789 and then customizing pyCustomChangePassword activity by adding custom java code specific to bussiness requirement. For example to blank out the values when there are errors below java code can be used:

String message = myStepPage.getProperty("pyPwdOldText").getMessages();

myStepPage.putString("pyPwdOldText","");
myStepPage.getProperty("pyPwdOldText").addMessage(message);

message = myStepPage.getProperty("pyPwdVerify").getMessages();

myStepPage.putString("pyPwdVerify","");
myStepPage.getProperty("pyPwdVerify").addMessage(message);

Issue 2:
Operator Profile has a button to change password
- Save as the Data-.FormSave2 activity in to your rules set and customize that activity to disable the client side validations and perform server side validations and make the fields blank on UI.
- Refer the above created activity instead of FormSave2 in Operator-Profile-Full HTML which is available.

Issue 3:
‘User Management’ or opening the operator record has option to change password


- Save the setPassword Flow action to your ruleset and have your own activity in the Post-Processing of the Flow action to achieve your business requirement to make the fields blank all the time if there are any error messages on the screen.

Also in all the three cases the sections are: pyChangePassword and pySetPassword,these sections are available sections and user can customize the section as per their requirement.

Published March 21, 2017 - Updated October 8, 2020

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.