Students are required to remember their passwords, and if they forget them, they need to request a password change from their Technologist or Administrator. The Security Model works, the password rules need to be tightened so schooltool/teacher/student/admin aren't valid passwords.
Email to reset/send a password is a nice long term goal, but it isn't something that should be a focus of development pre-1.0. There are almost no institutional systems that should allow this. (BlackBoard has an option, but Arlington keeps it *off*)
Finally, it is not SchoolTool's fault that people can't change passwords. Every system administrator should know that step 1 of every system is looking for and changing every default password.
I agree with Tom about this.
Students are required to remember their passwords, and if they forget them, they need to request a password change from their Technologist or Administrator. The Security Model works, the password rules need to be tightened so schooltool/ teacher/ student/ admin aren't valid passwords.
Email to reset/send a password is a nice long term goal, but it isn't something that should be a focus of development pre-1.0. There are almost no institutional systems that should allow this. (BlackBoard has an option, but Arlington keeps it *off*)
Finally, it is not SchoolTool's fault that people can't change passwords. Every system administrator should know that step 1 of every system is looking for and changing every default password.