DOC Create new users with random passwords

silverstripe · Oct 12, 2023 · 24ac075 · 24ac075
1 parent a8c656f
commit 24ac075
Showing 1 changed file with 8 additions and 1 deletion.
diff --git a/en/04_Changelogs/5.2.0.md b/en/04_Changelogs/5.2.0.md
@@ -9,6 +9,7 @@ title: 5.2.0 (unreleased)
 - [Features and enhancements](#features-and-enhancements)
   - [New ORM features](#new-orm-features)
   - [ErrorPage allowed codes configuration](#errorpage-allowed-codes-configuration)
+  - [Create new users with random passwords](#create-new-users-with-random-passwords)
   - [Other new features](#other-new-features)
 - [API changes](#api-changes)
 - [Bug fixes](#bug-fixes)
@@ -87,7 +88,13 @@ SilverStripe\ErrorPage\ErrorPage:
     - 500
 ```
 
-### Other new features
+### Create new users with random passwords
+
+If a new user is created in the security section of the CMS with an empty password, then a strong random password will now be automatically assigned to the user which will not be visible to the person creating the user. The user will need to click the "I've forgotten my password" link in order to receive a password reset email.
+
+This only applies to users created through the security section of the CMS. Users created programatically with an empty password will not have a random password automatically assigned to them. This is the current behaviour and is often used for non-production purposes such as unit-testing.
+
+Note that it is not possible to log in to the CMS using an empty password with the default Silverstripe authenticator.
 
 ## API changes