Comment 3 for bug 1817357

In my experience, libraries choose the last four of phone option at migration because it is easy for the patron to remember when they first login to their account. I agree that the last four of the phone is not a secure choice, but the patron always has the option to use the phone number for their first OPAC login, and change it after that. In fact, that should always be a standard follow through, even if a random password is generated at login. That password is not secure either because the library staff member who registered the patron knows what it is.

As for the original post, I agree that some staff may be unaware that the password will change when a phone number is entered, and give the patron the incorrect password. It would be helpful if there was some way to manage that in the registration screen.