Jump to content

Addon: Secure Password Reset

Recommended Posts

Makes WHMCS take steps towards PCI compliance. PCI compliance is in place to protect card holder information stored on merchants systems. One key aspect is that passwords must not be transmitted over the Internet by e-mail or any other form of communication, without being encrypted.


WHMCS does not meet this requirement in its default installation as resetting a password causes a random password to be sent to the customer via email.


This could cause your business serious problems as it develops and many security concious customers will avoid you entirely (I have found this from experience). Use our WHMCS security module to change the emails sent out, removing all references to customer passwords and provide a secure and compliant way for customers to reset their password.


You can purchase this module here for 99p per month, more security modules are going to be released in the coming months so keep an eye out!


All our modules can be found here https://ipgeek.co.uk/cart.php?gid=15

Link to comment
Share on other sites

We will be adding this to our billing system after we've updated it to 5.1.2.


Thats good to hear! Currently we are activating orders within 2 hours on our licensing platform.

We are also getting translations done to Spanish and French in the coming weeks and will be offering these for an additional 50p one off payment each translation.


If you have any feedback or any issues implementing the module let us know and we will get you up and running ASAP.


Also this is themed for the "default" theme in WHMCS, we offer a theme skinning service for integration of the module into your theme for a one off £25.99 (this can be purchased on sign up).

Link to comment
Share on other sites

  • 1 month later...

Annnd we've added it.


Spent a while getting it to work... turns out it seems to be a WHMCS or module bug that was screwing up the template I was using.


It was a major pain in the arse to track down because it wasn't obvious that the visual mode was breaking the templates... now that we've discovered the bug, we've passed it on up to IPGeek developers. :)


That aside, it really does work exactly as advertised, once I was able to get it up and running with the help of one of their technicians. Fast response and I appreciated their patience in walking me through troubleshooting steps to trace down exactly where it was breaking.


Thanks, IPGeek!

Link to comment
Share on other sites

Glad to hear everything got sorted and that Ricky could help you out Keiro!


This is just a quick post to let everyone know that the new version has been released!


So we are now at version 0.5 and have added the following updates to the module!


- Ability to choose which clients are sent the security question reminder emails

- Ability to choose the first security question, currently Post Code and Last amount paid are available


You can purchase the module from our site here:




or, if you have already bought the module you can download the new version from your client area. As always let us know if you have any trouble and we will be happy to help.

Link to comment
Share on other sites

I just installed the plugin and found a problem. I am using the option for the challenge question: "Last Paid Invoice Amount". However many of my customers are on a free account which means invoices are not generated for them. Therefore this option doesn't work. I tried entering 0 when testing the password reset, but it failed.


I don't like the idea of using the "Postcode" for the question, as I suspect most clients will not remember what they used here.


What do you suggest I do? I think the Invoice question option should allow the number 0 to be entered for free accounts.


Also, it would be useful if there were more options for the challenge question.


Lastly, I think to improve the usability it would be good to have a link to a support email address in the event that a client can't perform the password reset themselves.

Link to comment
Share on other sites

Hi Luke,


Sorry about the delay, its been difficult to know when you would be up again. With regards to the postcode option, that was added at user request. So we will add anything to the module really by request as long as it doesn't detract from the key concept of the module.


The link to a support address is something we can certainly add for you, however as a stop gap you can edit either the lang/english.php file or the pwrst_*.tpl files the same way you would edit the WHMCS theme.


We have a release cycle of about 1 month currently so I will aim to get the additions we talked about rolled to the module between 30/09 - 07/09.


Hope this helps and otherwise you are enjoying the module.

Link to comment
Share on other sites

  • 1 year later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated