function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion

Password Expired Behavior Changes in Sforce 5.0

With the sforce 5.0 release, we removed the ability to login to the sforce API with an expired password; attempts to do so will now fail.

In the past, the API has not honored these expirations. With Winter '05 and sforce 5.0, the system will not allow logins with expired passwords. This is important as scripts or other programs that run automatically with an expired password will fail to execute if the password is expired.

If you run into this problem, there are a few options to fix it.

1) Login to the website with the expired password, and change your password. You may then continue to use the application, although you may need to update your integration program.

2) There is a new permission on profiles called "Password never expires". We do not recommend this route except for integration-only users. For those users, we suggest an extra secure password, and customers lock down access to only the IP addresses that need to access the sforce APIs (This can be done on the profile detail screen).

3) Upgrade to the 5.0 API and use the passwordExpired flag on loginResult to automatically reset your password when it's expired (using the setPassword or resetPassword calls)