Even though the password_policy > expire_days setting is set to false, in maintenance mode, the backend said the password was expired and forced me to change it.
This is for security reasons. If User A creates User B, then A knows B’s password, so B must change their password to something else as best practice.
Hi @daft Thanks for your answer. I still think there should be an option to completely disable this policy, at least during development.
Great idea. We’ll only enforce this policy in production. Thanks @federico.schafer !