Change User Password Function
I have been testing this functionality and find that:
a) user passwords can be changed in the Admin >Users>Security area but although the new password is tested correctly for minimum length set in config settings it ignores the setting MinRequiredNonAlphanumericCharacters. I currently have this set to 1 ( the default ) but it accepts a password without any non-alphanumeric characters.
How does this config setting work and is it currently active or ignored?
b) I cannot effect a user-driven 'change password' from the link on the MyAccount>Profile page
If I enter correctly the existing password and a new password that meets the configuration conditions, clicking the update button takes me back to the MyAccount page and there is no confirmation message of the new password having been accepted and the password remains unchanged. This situation is unaffected ( as I would expect ) by the synch process.
If I incorrectly enter the existing password and enter a valid new password the incorrect existing password is displayed in red text in place of the standard error message text.
Can anyone offer any suggestions as to what I may have done wrong and how a user may validly change their own password.