Hi,
is it possible to reset/change/remove generated App Passwords for an user in case of abuse?
Via OCC command or direct over the database? Where these passwords are stored in DB?
thx - br, max
Hi
do you already tried this:
sudo -u www-data php occ user:resetpassword USERNAME
Enter a new password:
Confirm the new password:
Successfully reset password for USERNAME
I dont know if it also will reset the app passwords but you could try it
DB: The passwords are stored in oc_authtoken
Workaround if it isnt working:
- Reset the password with
occ user:resetpassword - Log into the account
- Personal → App Password
- Revoke the app password
Hi
thanks for this hint - but I don’t use local user accounts.
All of my accounts are provisioned from an LDAP Directory via user_ldap app.
So this OCC Command brings me an error:
“Error while resetting password!”
Also your workarond doesn’t work in my scenario - because I couldn’t login as an
foreign user without resetting the LDAP password of them.
br max
did you have a look at this?
Yes, oc_authtoken is the right table in the DB …
That’s the way it works !
thanks for your support