Description
Maybe this is expected behavior, not an issue...
We have the permission to change password set to "student" so they can change their own passwords. There was a student who should be entering their course via LTI. Initially they had no password. They went to Account Settings and accidentally saved a password for themselves.
I'm just wondering if that should not have been permitted. Changing a password is one thing, but creating one is different. The instructor has not set the LTI option to require users to enter from the LMS (for convenience, so the instructor herself can enter with a password). So now this student can also enter using the password they made up. Maybe that is a good thing? My first reaction is that it causes confusion. I would find it simpler to just know with certainty that none of the students have a password.
What do others think?