Addon: Secure Password Reset

[ipgeek-lg]

Makes WHMCS take steps towards PCI compliance. PCI compliance is in place to protect card holder information stored on merchants systems. One key aspect is that passwords must not be transmitted over the Internet by e-mail or any other form of communication, without being encrypted.

 

WHMCS does not meet this requirement in its default installation as resetting a password causes a random password to be sent to the customer via email.

 

This could cause your business serious problems as it develops and many security concious customers will avoid you entirely (I have found this from experience). Use our WHMCS security module to change the emails sent out, removing all references to customer passwords and provide a secure and compliant way for customers to reset their password.

 

You can purchase this module here for 99p per month, more security modules are going to be released in the coming months so keep an eye out!

 

All our modules can be found here https://ipgeek.co.uk/cart.php?gid=15

[Keiro]

We've paid for this... it's something we're concerned about. We will be adding this to our billing system after we've updated it to 5.1.2.

[ipgeek-lg]

We will be adding this to our billing system after we've updated it to 5.1.2.

 

Thats good to hear! Currently we are activating orders within 2 hours on our licensing platform.

We are also getting translations done to Spanish and French in the coming weeks and will be offering these for an additional 50p one off payment each translation.

 

If you have any feedback or any issues implementing the module let us know and we will get you up and running ASAP.

 

Also this is themed for the "default" theme in WHMCS, we offer a theme skinning service for integration of the module into your theme for a one off £25.99 (this can be purchased on sign up).

[Keiro]

Annnd we've added it.

 

Spent a while getting it to work... turns out it seems to be a WHMCS or module bug that was screwing up the template I was using.

 

It was a major pain in the arse to track down because it wasn't obvious that the visual mode was breaking the templates... now that we've discovered the bug, we've passed it on up to IPGeek developers.

 

That aside, it really does work exactly as advertised, once I was able to get it up and running with the help of one of their technicians. Fast response and I appreciated their patience in walking me through troubleshooting steps to trace down exactly where it was breaking.

 

Thanks, IPGeek!

[ipgeek-lg]

Glad to hear everything got sorted and that Ricky could help you out Keiro!

 

This is just a quick post to let everyone know that the new version has been released!

 

So we are now at version 0.5 and have added the following updates to the module!

 

- Ability to choose which clients are sent the security question reminder emails

- Ability to choose the first security question, currently Post Code and Last amount paid are available

 

You can purchase the module from our site here:

 

https://ipgeek.co.uk/cart.php?gid=15

 

or, if you have already bought the module you can download the new version from your client area. As always let us know if you have any trouble and we will be happy to help.

[lukewd]

Our WHMCS also sends the password in plain text in the Welcome Email. Will this plugin fix that too? Or only for password resets?

[ipgeek-lg]

You can fix this by changing the {$password} bit in the email. We changed this to just [The password you set at login] we plan to add this to the module but it is only a secondary thing to the main reason for the module existing.

[ipgeek-lg]

The have started offering an option for annual billing with this module. You can sign up by visiting the following link:

 

http://ipgeek.co.uk/link.php?id=19

[lukewd]

I just installed the plugin and found a problem. I am using the option for the challenge question: "Last Paid Invoice Amount". However many of my customers are on a free account which means invoices are not generated for them. Therefore this option doesn't work. I tried entering 0 when testing the password reset, but it failed.

 

I don't like the idea of using the "Postcode" for the question, as I suspect most clients will not remember what they used here.

 

What do you suggest I do? I think the Invoice question option should allow the number 0 to be entered for free accounts.

 

Also, it would be useful if there were more options for the challenge question.

 

Lastly, I think to improve the usability it would be good to have a link to a support email address in the event that a client can't perform the password reset themselves.

[ipgeek-lg]

Hi Luke,

 

Sorry about the delay, its been difficult to know when you would be up again. With regards to the postcode option, that was added at user request. So we will add anything to the module really by request as long as it doesn't detract from the key concept of the module.

 

The link to a support address is something we can certainly add for you, however as a stop gap you can edit either the lang/english.php file or the pwrst_*.tpl files the same way you would edit the WHMCS theme.

 

We have a release cycle of about 1 month currently so I will aim to get the additions we talked about rolled to the module between 30/09 - 07/09.

 

Hope this helps and otherwise you are enjoying the module.

[tapnet1]

Does anyone know where this module can be downloaded?

 

The link to order is no longer working.