Can no longer reset client passwords

[battles 1]

We can no longer reset client passwords from the Admin area nor can our clients reset password from the login/forgot password area.

Help!

[battles 1]

ok - so I've got a lot of issues with this. I see that now it's under "Users/Manage User"

1. Why keep all this blank space where it used to be? It looks broken.

2. How do I convert all the main accounts "contacts" to users so we can reset passwords?

 

[Biswas Host Ltd 4]

@battles , click "Users" from client details page then "Action" dropdown & now you can see Password Reset option from admin panel. check attachment to be clear!

[battles 1]

Thanks yes I see that.

Is there a way to convert contacts into users?

[brian! 3003]

On 10/10/2020 at 01:57, battles said:

1. Why keep all this blank space where it used to be? It looks broken.

I would agree - I can remove the blank spacing with a simple CSS hook (on both users and contact pages), but it really needs WHMCS to restructure the output in a future update.

[DennisHermannsen 68]

40 minutes ago, brian! said:

but it really needs WHMCS to restructure the output in a future update.

WHMCS v9 - Admin Area refreshed (3 blank spaces removed)!

[brian! 3003]

31 minutes ago, DennisHermannsen said:

WHMCS v9 - Admin Area refreshed (3 blank spaces removed)!

WHMCS v8.15.2 - Admin Area refreshed (old menu returns - due to public demand demonstrated by a 2-vote feature request gaining traction!). 😜

[WHMCS John 204]

Hi @battles,

That is correct, check out this help article: https://help.whmcs.com/m/v80/l/1301340-where-is-the-reset-send-password-option

[snofire 1]

On 10/12/2020 at 7:15 AM, brian! said:

WHMCS v8.15.2 - Admin Area refreshed (old menu returns - due to public demand demonstrated by a 2-vote feature request gaining traction!). 😜

When is 8.15.2 coming out that we get this back?

[matador007 1]

This is ridiculous.  We should be able to reset passwords for clients as v7 allowed us to.
Of course someone makes a Module for $25 that can do it, but WHMCS cannot ?

Come on WHMCS, get with it please.

[Kanguru 1]

I agree this functionality was so convenient! Why remove it!!

[xyzulu 20]

9 hours ago, Kanguru said:

I agree this functionality was so convenient! Why remove it!!

You can still trigger a password reset in 8.x.. see: 

 

You can't choose the password for the customer however.

[twhiting9275 49]

2 hours ago, xyzulu said:

You can't choose the password for the customer however.

THIS is probably the most ridiculous change I've seen in the 8.x series (and trust me, I've seen quite a few).
Choosing a client's password , or resetting it for them (no, sending them a link is not the same thing) is a pretty crucial thing.

You can tell the WHMCS team haven't actually spent time on the phone with customers, at least end hosting customers, because, in the time I did end user support for various companies this came up rather frequently.  

Quote

just reset my password to xyz123

It doesn't take that much to verify clients, really, and honestly, given the hosting industry, if you can't do something as simple as this, you're going to get some ugly feedback from your customers

 

On 10/9/2020 at 7:57 PM, battles said:

1. Why keep all this blank space where it used to be? It looks broken.

Again, agreed. It's obvious that this was an after thought here. Hooks shouldn't be needed to fix the design mess (and yes, it's broken) caused by software developers.

 

[Mindnet 0]

This change in WHMCS makes things difficult.

We have customers who need a new password to access WHMCS, when we perform the reset, the customer says that he did not receive the email or that the reset process does not work (probably the customer does not know how to do it).

In short, we have no way to save a password for the customer and providing it by phone, chat or email, the customer has no way to enter the WHMCS to make payments.

Honestly, I don't know which brilliant mind thought this change was a good idea.

Please, allow admins write a new password for a user.

[xyzulu 20]

While I am ok with this change.. surely you are logging all your outgoing emails. If this is the case you will be able to see if they reset email was delivered to your customer or not. It's rare that email is not delivered unless you have not setup spf/dkim etc and are not using a proper email sending service.

[bear 84]

41 minutes ago, xyzulu said:

you will be able to see if they reset email was delivered to your customer or not

You will be able to see if it went out, but if it's to an external server such as Gmail, out the door means out of sight. 😉

[xyzulu 20]

Not at all.. the logs will reveal if Gmail accepted the message. If you have SPF and dkim configured it's likely your message will be in their inbox. Embed a pixel and you can even track of they opened the email.

Edited December 25, 2020 by xyzulu

[bear 84]

1 hour ago, xyzulu said:

Not at all.. the logs will reveal if Gmail accepted the message. If you have SPF and dkim configured it's likely your message will be in their inbox. Embed a pixel and you can even track of they opened the email.

That will only say if Gmail accepted it. It won't say if it hit the inbox, the spam box or whatever. 
As for embedded pixels? I block those. I'd assume, since that's a common spammer gimmick to validate email addresses, that others do as well.

[steven99 80]

39 minutes ago, bear said:

As for embedded pixels? I block those. I'd assume, since that's a common spammer gimmick to validate email addresses, that others do as well.

And most webmail clients and other mail clients will block / no load them by default and I'd bet gmail does also as well as gmail might consider it spamish and toss it in the spam folder -- they did at least for a client's signature's linked images .

This might require a couple hooks with an ajax call to handle.  Geez, reinvent the wheel time. 

[xyzulu 20]

Believe me it works just fine (email opens and clicks - clicks are easy to track) in Gmail. Don't reinvent the wheel.. Just use a reputable email sending service with all these features.

Edited December 25, 2020 by xyzulu

[Mindnet 0]

Tracking whether the email arrived does not solve the problem.

It is no use saying to the customer: "look, I saw that the email arrived in your gmail" - the customer wants the solution, or the access. Gmail accepts the message and then blocks it internally.

And there is not only gmail, there are corporate emails with their own domains and servers with crazy rules, which sometimes block legitimate messages.

In theory, the idea of sending the reset link is great, but in practice, in the real world, several problems occur and generate confusion for the client to access the WHMCS.

The solution is very simple: do not change what already exists in version 8, but add the field so that the admin can manually record a password.

It's really simple to do, so simple that someone is already selling a $ 25 add-on that does that.

[bear 84]

12 hours ago, Mindnet said:

Gmail accepts the message and then blocks it internally.

^^ That was my point exactly. 🙂

[gnsw 0]

I really don't understand why remove a necessary option for the system administrator.  This makes us look bad to a client, it is ridiculous to try to explain to a client that we are the system administrators but we can't just change his password. 

Are you trying to favor the developer of the "Change User Password" module ?

Why is there no more response from WHMCS in this post?