function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion

Should user have to change password on first logon?

Hey all,


I have developed some code that will create a customer portal user using apex. It basically follows the principles in this article. It works correctly, and the user created recieves an email with their login details (username and password).


My expectation would have been that when the user first logins successfully with these details, they would be forced to change the password to something different. But my testing does not reflect this expectation.


Can anyone confirm that if the behaviour I'm seeing is correct or not? Should the user have to change password on first login?



Shashikant SharmaShashikant Sharma

No you will not be able to test this in your test class. May I know how are you your test class , would like to know how are you trying to test this.


Who said anything about test classes???


This is in production and working, but like I said, when the user logs in with the username and password received via email, they are not requested to change their password. I would have presumed that the password issued was a temporary one and had to be changed on first login.



Shashikant SharmaShashikant Sharma

I might not getting your problem correctly,


1) Are you saying that you are in a test method when you create a portal user and you login with that user you are not asked for password change in test method?


2)In production org when you create a portal user user name password send but not asked to to change on first login?


Please confirm me on above questions.


1) Nothing got to do with test methods what so ever

2) Correct


I'm don't have much experience in the area, but intuitively I would guess that a new User should have an temporary, auto-generated password for them until they first log-in. Then the new user should have to pick a new password to use and remember.


You want the auto-generated password to persist and be the default password?


No, I'd like the password that is received by the customer portal to be a temporary one and when they login they are requested to change it.

Shashikant SharmaShashikant Sharma

Are you recieving system generated password. When ever you create a user system generates a password , in that case you are required to change it. But if you reset password from api from java script using sforce connection in that case you don't need to.


Could you please try one thing, Go to Administration Setup -> Manage User -> Select any partner user -> Reset password -> Login from that user


Please let me know the results.

One caujtion do not login from contact -> Login as Portal user directly , For login use the portal login page.