This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Head's Up! These forums are read-only. All users and content have migrated. Please join us at community.neo4j.com.

Force password change for a user

mohitrajvardhan
Node

on ‎12-18-2019 06:45 AM

The instruction to Force a user to change password using the native authentication at any point of time in the neo4j 4.0.0 enterprise edition.

0 Kudos
Comments
dana_canzano
Neo4j
Neo4j
‎12-18-2019 01:36 PM

https://neo4j.com/docs/cypher-manual/4.0/administration/security/users-and-roles/#administration-sec... which indicates

Users can be created using CREATE USER.

Command syntax. 

CREATE [OR REPLACE] USER name [IF NOT EXISTS]
      SET PASSWORD password
      [[SET PASSWORD] CHANGE [NOT] REQUIRED]
      [SET STATUS {ACTIVE | SUSPENDED}]

and then provides the example of

For example, we can create the user jake in a suspended state
 and the requirement to change his password.

Query. 

CREATE USER jake
SET PASSWORD 'abc' CHANGE REQUIRED
SET STATUS SUSPENDED

is this what you needed? or something else ??

mohitrajvardhan
Node
‎12-20-2019 03:08 AM

After user creation if I choose to login into the user account to check if the assigned permission is correct then I will be prompt to change the password. Once I am done validating the user then can I run the below mentioned command to force the user to change the password again:
UPDATE USER jake
SET PASSWORD 'abcabc' CHANGE REQUIRED

dana_canzano
Neo4j
Neo4j
‎12-20-2019 11:12 AM

@mohitrajvardhan17

I'm not seeing a UPDATE USER .... Are you seeing this in the documentation?

Rather

https://neo4j.com/docs/cypher-manual/4.0/administration/security/users-and-roles/#administration-sec...

would suggest

Command syntax.

ALTER USER name SET {
      PASSWORD password
            [[SET PASSWORD] CHANGE [NOT] REQUIRED]
            [SET STATUS {ACTIVE | SUSPENDED} ] |
      PASSWORD CHANGE [NOT] REQUIRED
            [SET STATUS {ACTIVE | SUSPENDED}] |
      STATUS {ACTIVE | SUSPENDED}
}

The password can either be a string value or a string parameter.

For example, we can modify the user jake with a new password and active status as well as remove the requirement to change his password.

Query.

ALTER USER jake
SET PASSWORD 'abc123' CHANGE NOT REQUIRED
SET STATUS ACTIVE

Did you find a UPDATE USER .... in the documentation?

Version history
Last update:
‎12-18-2019 06:45 AM
Updated by:
Contributors