The Password Modification Timestamp

Technically it’s not really a timestamp, but a MySQL datetime field in the users table, and there are some interesting things you can do with this field.

On January 9, 2016 a new field was added to the users table, called “passwd_modified_at”, and code to set up a MySQL trigger was introduced at the same time. The trigger is handy, because it will update the passwd_modified_at field any time a user’s password is changed. This means you don’t have to worry about updating this field, and can simply benefit from it existing.

What Can It Do?

I’m sure you can come up with some ideas, but the reason why I added the field and trigger to Community Auth was so that you can enforce password changes. Many websites have features that are easy to implement with this new field:

  • Reminding a user when they last changed their password.
  • Forcing a user to change their password after N days.
  • Sending a user an email when their password is changed, and showing them the exact date and time.

Community Auth doesn’t provide any examples on how to do anything with the new field, but it’s there for you’re coding pleasure.