Nexxterra Posted June 27, 2009 Share Posted June 27, 2009 I read somewhere and can not find it again that others want you to bring back the viewable password in the admin. I am with them! I have direct admin, the password that they choose is way different than their directadmin password. So I as the admin go in when the account is setup and make both the same. Now in order to do this, I have to look for the welcome email sent to the client and get it from there! Used to take me 1 to 2 mins, not sometimes 10 mins!!! An improvement should NEVER lose features that existed before! Paul Link to comment Share on other sites More sharing options...
uberhost Posted June 27, 2009 Share Posted June 27, 2009 An improvement should NEVER lose features that existed before! Even features that are inherently insecure? I think most people would disagree with you on that one. Link to comment Share on other sites More sharing options...
MACscr Posted June 27, 2009 Share Posted June 27, 2009 I agree, the feature should never have been there. There is no such thing a secure password that can be decrypted. Link to comment Share on other sites More sharing options...
Nexxterra Posted June 27, 2009 Author Share Posted June 27, 2009 I really do not give any concern for your opinion, I bought the program with that feature, I have set up a number of customer service operations that are baseed on this feature and not it is gone. There are many others that wish to have this, <<removed>> I cant run MY business based on your rules! Also, I have NEVER read a post where a users password was hacked in WHMCS. Link to comment Share on other sites More sharing options...
MACscr Posted June 27, 2009 Share Posted June 27, 2009 <<removed>> There would be no way for us to disable it. Even if WHMCS added the feature back (which they shouldnt), you would have to reset the password for every single client in order to use it since every password is already encrypted in an "unencryptable" format. Link to comment Share on other sites More sharing options...
Nexxterra Posted June 27, 2009 Author Share Posted June 27, 2009 The same algorythm used to encrypt something is used to decrypt, this is quite simple, otherwise once encrypted, the entered password could never be compared to the one in the data base in order to log in. Link to comment Share on other sites More sharing options...
MACscr Posted June 27, 2009 Share Posted June 27, 2009 The same algorythm used to encrypt something is used to decrypt, this is quite simple, otherwise once encrypted, the entered password could never be compared to the one in the data base in order to log in. ROFL, obviously you know nothing about security and secure password algorithms by making that statement. Thanks for proving my point. Link to comment Share on other sites More sharing options...
uberhost Posted June 27, 2009 Share Posted June 27, 2009 The same algorythm used to encrypt something is used to decrypt, this is quite simple, otherwise once encrypted, the entered password could never be compared to the one in the data base in order to log in. That's not how it works. It is the hash that is stored in the database, not the plain text password. When a user attempts to login, the system creates a hash the same way it did when the password was created, thus the two hashes are compared. Link to comment Share on other sites More sharing options...
bear Posted June 27, 2009 Share Posted June 27, 2009 I read somewhere and can not find it again That would be this thread: http://forum.whmcs.com/showthread.php?t=20232 Closing this one. Link to comment Share on other sites More sharing options...
Recommended Posts