Description
Summary of the new feature / enhancement
When logging into my admin account today I am faced with a "bad username or password" error. I have logged in with the same saved password several times a day up to this point and the password is correct. When looking at the DB I can see that the password was last set exactly 3 months and 1 day ago.
After several hours of lost time troubleshooting and searching I was able to find an article that describes the 90 day password expiration but it is already beyond that point and I had to guess the reason since the error only says bad password.
Please add the ability to set the password to never expire and add in warnings and prompts to make it clear during setup and identity administration that this will happen. Additionally, add in notifications and alerting to warn you that the password will be expiring.
Issue summary:
Local Account passwords expire after 90 days but do not provide warning of that policy when installing powershell universal or during daily use. There is no indication, without reading through the documentation, that the password will expire after 90 days. If this is the only admin account that is configured, and you are unaware of the policy, access is lost. 90 day password expiration is forced on local accounts with no option to disable if desired. When logging into the web ui with an expired password the error only states "Bad username or password." with no indication that it has expired or direction to the documentation to correct the issue.
Proposed technical implementation details (optional)
Add a warning to the MSI installation that indicates the password will expire every 90 days
Add a login notification when the password will be expiring within 30 or 15 days
Add email notifications to indicate when a password will be expiring
Update the error message when logging in with an expired password to indicate that the password has expired instead of a generic error that states "bad username or password"
Add a link to the online documentation on the login screen to direct a user to the local account documentation
Add a toggle to disable password expiration on the identity