There request is to recover the password of a user who is also an “owner”. The current way is to delete the user to recover the password. .115 gave the admin ability to edit a password, but that does not help if you are the owner.
There was a thread where we could not change the users password.
What we discover is while fixing a password, the instructions do delete the user and recreate them. If the user was the owner, then you would lose the “owner” user.
There is a PR right now, that will keep the ower user from being deleted. Which on one hand is good, but what if the owner forgot their password there could be a deadly embrace.
The documentation also mentions a CLI “auth reset --username existing_user --password new_password” but that is not user friendly.
There would be no need to delete the “owner” user to recover the password if there was a way for the owner to recover their password.
Some of the wording in this made me think you want to “recover” an unknown password.
I figure you know encrypted passwords are a one-way transformation; but I’m not sure.
I base this on the assumption of good password management in a reasonably mature OSS. I hope passwords aren’t stored in plain text or as an MD5 hash in HA
@fanuch Thanks for pointing that out. I would expect that passwords are one way only. I am talking about someone who forgot or for any reason, can not log into HA GUI. There are smarter people than I on this but there needs to be some way to prove I was the installer. Maybe by the fact that I have access to the OS. Just guessing. There may not be away to do this safely. Just that when you can no longer remove the “owner” account then the delete user file will not work anymore.
