Hello ABP Support Team,
We are using the ABP Identity module and appreciate the existing features like periodic password changes (password aging), which forces users to update their passwords after a set period.
However, we also have a requirement to implement password history to prevent users from reusing any of their last N passwords. From previous support discussions, it appears this functionality is not currently supported natively, and a custom implementation is required.
It would be ideal to have built-in support for password history as part of the Identity module. This is a common enterprise security requirement and helps align with compliance standards in industries such as finance, healthcare, and government systems.
Requested Feature:
Benefits:
Thank you for considering this request! We believe this would be a valuable addition to the ABP Identity module and look forward to your feedback.
When I add "Abp.Account.IsSelfRegistrationEnabled": "false" in the AuthServer project's appsettings.json, the behavior works correctly (self-registration is disabled), but the UI still shows the checkbox as enabled on the host/tenant settings page under the Account tab.
If I toggle the value once in the UI and save, the display becomes correct, because a new record is created in the AbpSettings table.
Reproduction Steps:
abp new MyApp -u angular -t app-pro --theme lepton -m none --separate-auth-server --database-provider ef -csf --version 9.2.4
AccountAdminConfigModule.forRoot()
"Abp.Account.IsSelfRegistrationEnabled": "false"
Expected Result:
"Enable self registration" should be unchecked in the UI when the setting is false.
Actual Result:
The checkbox is still shown as enabled, even though self-registration is disabled in behavior.
