This solution applies to Barracuda SSL VPNs, all firmware versions.
By default the Barracuda SSL VPN encrypts all user attributes with the user's current password. If the password changes then the SSL VPN needs to know the old password so that it can decrypt these values and re-encrypt with the new password value. If the user does not remember the old password then it does not need to be entered and the user can select the Reset Attributes option. This would mean that any attributes that the user has stored will be deleted and replaced with new empty values as the data could not be decrypted.
Encryption of the Attributes can be disabled through the SSL VPN if required. Go to Access Control > Security Settings, in the Confidential Attributes section is the Confidential Mode option. Set this to Disabled and the SSL VPN will stop encrypting the Attributes with the current password, so the user will not need to update their password when it changes.
Link to This Page: