Drupal Force Password Reset

It’s becoming more and more frequent that sites are asking / forcing users to reset their passwords. The most recent example is the Heartbleed OpenSSL security threat.

If you manage a Drupal website having people reset their password can be easy with the Password Policy Module.

After turning the module on you can navigate to

/admin/config/people/password_policy/password_change
Where you’ll find a set of checkboxes where you can choose which role you want to force to reset their password. You can choose the authenticated user role in order to reset every users password.

force password reset

The the super users password won’t be forced to be reset unless specified in the settings tab.

Leave a Reply