Sign up using Google, Facebook and Twitter

Not just limited to Google, but please include Facebook too

Yes, always have wanted this!,

Please also include Twitter... Why not? OpenID ?

OpenID, Facebook, Twitter, and Google should be considered. Most that have one have the other + another, but it'd be nice to have options.

for security reasons, i'm not agree with this feature. Only agree with internal SSO process.

I think that this would be great to have maybe "Sign in with Google" but a lot of people on FaceBook, Twitter, ect. use fake information. I feel Google has a bigger truth, as email is one to one more personal if that makes sense?

Harrison, I think you've probably swallowed slightly too much of the Google "hype" .. but putting that aside, I think it should be down to the SysAdmin to decide which service(s) he wants to allow people to use to log into his WHMCS installation ... so Yes, Google, FaceBook, Twitter, OpenID, MySpace, whatever ... Personally though I'd like to see Facebook and Twitter done first, and then others come along as/when.

I'll second the dissent for security reasons. This is just begging for credit card fraud.

No e sutil, pues quien va quered administrar datos financieros con una cuenta de Facebook o Google

It's bussiness system non social - non critical - fun used system.

I'm using Google as a business account. Also uses Facebook/Twitter/Linkedin for professional matters.

Google yes, I would not implement Facebook or other social media logins.

It is a fine feature, as well as would be a security issue, but that is also true, that most businesses are using facebook, linkedin, google etc for their business, and would definitely like to get connected to the same, as somebody said above most of the users use fake info on facebook and such platforms, but they can create an account on whmcs too using fake info.. atleast that can be a feature to signup for services, via these platforms. so user need not to enter info.

for me it is a very nice idea to integrate Facebook, Google, Linkedin, twitter etc. it could be optional.

Haha, just when I tried to vote against this feature my sign-in with Twitter miserably failed...Honestly, for the sake of our customers & our business I wouldn't want a mission-critical system and sensitive data open to the likes of FB & Google or any of their apps.

this is a billing portal and not fun and social networking system .. or a gamin portal ..this is a useless request

Prateek, that is a very short sighted view.

WHMCS does so much more than just billing. It is a project management, support and software licensing system to name just 3 additional features.

Really, whether or not to turn on this feature should be down to the individual site owner. Single signon is a useful feature for some people. If you don't want it on your site then simply don't enable it.

Even companies like Netflix use single sign on ...

I for one would like to be able to integrate into Facebook so when customers buy a service from us we can post to their timeline advertising the fact they've just licensed an app or bought a domain ...

Many more people use Facebook (and twitter) than Google+ ...

Bad idea.

Security issue,

Too risky, enough leaks we have already

+1 Vote

Hi, this would be simply wonderful for our time limited free trials, and i suppose there is other hosts there offering free trials too that would benefit from simpler signup for these.

Regards,

For security reasons I will have to disagree with this.

Why is this a security issue? What's different between this and someone entering false information on your registration form?

They would still need to be scanned with Maxmind and I assume it wouldn't let them sign up without entering address information anyway for invoicing purposes.

No No No!!

This sounds like a great idea.

However, if there are true security issues I would be interested in someone explaining please?

These sort of signups do not share required info WHMCS would need so I vote no.

Facebook, Linkedin only tbh.

How can WHMCS port the address over from Twitter or Google?

For people saying negative things, You can turn it off or remove it. At the end of the day, your targeting Website owners & business mainly who if you haven't known yet use Facebook for promotional reasons / connecting to friends and family. And some professional business owners and other people use Linkedin as its more professional business social networking.

So you're technically bringing everything into one. They can log in securely without proving a password as long as they are logged into the social network. Minimizes the inputting information... Saves the customer time and effort.

I would like it but unfortunately I don't have any more likes and therefore can't vote.

nowadays almost any script supports this feature and I think it would be great if WHMCS support Facebook/Twitter/Google for the new clients to register

Bad idea. With the amount of SPAMMERS and SCAMMERS out there, a few simple key strokes through Facebook, or whatever and the next thing you know, your overwhelmed with bogus accounts, or possibly DDoS attacks, etc..... This sounds way too risky to say the least.

So what's the difference between having scammers / spammers using tools to sign up to your billing area and the difference of them using a one button to sign up with a facebook / linkedin account?

how can they DDoS by signing up?

Sounds to risky to use you.

I believe its Facebook that should be worried about DDOS and other attacks not us :D

Again You've not answered the question.. If clients are number 1, why aren't you thinking about them? Can't be bothered to make their life easier.. Just thinking of myself...

Security? Sorry but what's the security issue here? A one click registration? Sorry tell that to Visa (Card company) They've just done a email and password once and your card information is used without giving the shop any information...

https://www.v.me/

Now Mr. TNG Web Hosting is that un-secure? Don't they care about their customers? Could they get spam or scammers using their service?

Kiddie hacks Facebook account, kiddie logins to WHMCS, kiddie steals credit card, kiddie looks at porn using said credit card.

VERY simple example of why not include this.

Well if you're referring to yourself being a "Kiddie" or if you've experienced a kid doing what you're saying, they are one heck of a kid. Because I thought that would be something a Teenager does. If they do, have you ever heard of IP Addresses? Ever heard of the latest top notch technology called a IP Banner? Ever thought or reporting the IP for FRAUD? No or did that just slip your mind?

If you don't want to use it... Easy I'll answer that for you... DON'T TURN IT ON!

Kiddie being a script kiddie if you've never experienced any. And why resort on POST-fraud stuff when we can clearly prevent it from happening by not letting any possible leaks?

We have two addons for this in the WHMCS community addon directory. I will contact the WHMCS team to see if they are perhaps interested in working together to get these integrated in the core to make this feature realized faster.

Adding a way for users to register in a matter of seconds making it easier to purchase things from you is useless? Anything to make it easier to sell products is certainly USEFUL in my opinion.

You still need to collect information about the client - I don't see this as being viable for most commercial website use.

Security reasons? What are your concerns?

Really bad, non secure and useless idea, and doesn't even have sense. Client still must provide all personal data, so this just doesn't improve anything...

Feel free to include actual facts on why it is insecure. It does improve the registration process allowing your clients to register FASTER.

Really? You are collecting the exact same information from a normal user registration. Do a quick search for a couple commercial websites allowing log ins from other websites. Not hard to find. http://janrain.com/customer-success/retail/

And you really think that online store for selling lamps, food, and other consumer staff should be compared with web hosting business... Internet and hosting provider services requires much higher security standards.

I agree with others saying this is not a good request. There are way more important features to look into than this. +I don't want my WHMCS using social website user details to create client accounts...They can signup and register manually, like a normal person would do.

This honestly is completely of no interest to me and our company. There is so many other things that I would rather see WHMCS invest their time and effort in, and I can honestly say we would disable this immediately when this is released.

Well, look at the total number of votes. People have talked, proportion is 9 to 1, that's it for every 10 persons there is 9 in favor of it, and 1 against it. Live with it.

Well I am happy to stand behind my opinion. Just because everyone votes for something does not mean anything to me. I see many other features as a priority as that is exactly what I was trying to say, spend more time developing a billing and support system to be better and improve that function of the business and let's leave tools like this for another time. Let's remember this is a billing system first and foremost not a social application. Would you allow staff to have a single signing with FB to your billing system? I wouldn't. But I am not going to debate the merits of my reasoning but there are lots of comments here that appear to align with my thought process.

This is a billing, support, and ordering system. This will help with orders, specially with free trials. They can abuse your free trial? yes, but they also can without it, tighten your server security, specially for free trials.

And about using it for paid products, they have to pay with CC, bank or whatever, they will have to input their real data at some moment of the payment.Then you use maxmind or any other fraud detection system plus manual supervision.

About staff... this is not for staff, is for customers. For sales more exactly.

Why do you need to sign with Google, etc? It will not provide the billing system anything but an email, so all the other forms with address will need to be filled in anyways. What a waste of a feature request.

You again completely do not understand my point. Is this an interesting idea yes, but do I want to have this take priority over other necessary improvements? No. There are many other important things that WHMCS needs to work on. That is what I'm saying and will continue to say.

For what i need more data than an email for a free trial?

less data to input on form= higher conversion rate (more signups).

Some customers doing trial will input fake data, which will pass maxmind verification in many cases btw, and of these some end up contracting paid service with their real data after this.

I see where you are going to, and that's your business and i suppose it has some different target, maybe more exclusive or something.

But this measure should help to improve sales for many other businesses with a more general target. And that's why it's reflected on the votes.

Of course you are on your right to defend your interests.

No, our business is not exclusive, however we want to collect legitimate information from people that sign up with us.

Why? Well, if all you are collecting is an email address from someone when signing up, think about what type of person you are attracting. Would people that are essentially anonymous, do you think that they may be more likely to be causing you problems? Sending spam and then blacklisting your IPs? Warez?

If this is what you want, then fine, attract as many free trials as you want. But be careful what you wish for, because you may attract exactly the type of people that you do not want to be hosting.

At this moment we have more than 400 trials signups per month. For spam, we limit these accounts to 30 emails per hour. Warez and so on... well, you have to monitor everything, and impose strict security measures.

These trials drive in a lot of new clients, and yes i do wish to attract as many of them as i can.

Doesn't hurt to add it as a feature of whmcs with a simple enable and disable for those who want it and don't.

Not all of us want the plesk addon as it doesn't meet my needs... and whmcs doesn't force you to use the module.

It would be fine if WHMCS wanted to offer this. And for those of us who don't want it - we would just not choose to use it.

I wouldn't use it because I don't want Facebook or Google or anyone else knowing a damn thing about my business!

Plus, when someone is purchasing an ongoing service that they may be using for years I think it's better for them to feel they have a direct relationship with us. Just the simple process of having to fill out our forms to get started helps them to feel a connection to us.

Too many privacy and security issues.

Aggreed ,

You can make it optional for users who want it , they can enable it from admin :)

Cool feature. OpenID should be implemented also, as I understand its easy to do. Also after the details have been pulled from Facebook/google/whatever, it should be nice to ask for some more optional information (like company name for example). To have more client details.

great id

I don't agree with this feature. Web hosting services are not social/community material. While the feature has one benefit (client doesn't need to provide info manually, Can login in one click) the problems it brings are going to outweigh the benefits considerably.

How many Facebook accounts are breached daily? I dare not even consider it but i can well imagine its far more than you would think. All it takes is the click of a rogue link or the use of a rogue app and the account is breached and therefore your system is breached.

Facebook connect is the system required for this and that requires the creation of a Facebook app.That app is then installed on any Facebook account that chooses to use your easy login and on a breach account your app installed opens the door to your system. It might not be a full scale breach but it's a clients account that would be breached and those are just as important as any admin/support account and should be treated with the same level of security.

This is just one example using Facebook, now open the door across many social networks and I can only presume your PCI Compliant server will soon be failing to meet the requirements needed.

I say leave it as it is, it's not broken so it doesn't need fixing.

down vote

I just see fraud, and possible leaks in the future. I'm a No on this feature.

We use the api for whmcs to serve as our auth/identity server for our web apps. Being that web apps demand connect features, we use the api to setup the user in whmcs and then use the api to log-in to the apps. The other advantage is they can also now log-into whmcs. To address the issue of email being the key between whmcs and Facebook and that is volatile, we've added into the tblclients and new column, fb_id.

Not sure how this will work out, perhaps we should have whmcs tie to a more traditional auth server?

As mentioned before. FRAUD!

Also this is kinda dumb as you wont be able to grab all the required info so it will be like adding another step to the cart.

I'm going to say no too for reasons all mentioned before.

no go from me.

Steam would also be great!

https://github.com/SmItH197/SteamAuthentication

Thanks,

Chief Technology Officer

Litehosting.org

Really bad idea.

I would also want to disagree with this idea due to security and fraud.

In my opinion, this is a great idea and as many social platforms should be incorporated as possible. At the end of the day, this is what we have Fraud Detection/Prevention systems like MaxMind for.

We need their real name, real address, phone number, email address and credit card number. We don't need their fake name, fake unused email address and names of their fake friends!

I feel that this is opening your client area to more fake accounts or account with limited or rushed details. If this feature implemented I will not be using it.

Nevertheless this may be useful for some people.

-Grant.

If Social Media sign in is enabled I'd like to see an automatic 2-tier authentication in place

I remember that I see a WHMCS premium addon with the ability of oAuth authetication using multiple Social Networks.

I will search again :)

That is business system, it's not a toy.

Yes! We all are business men and requested for a feature rich to boost customer experience.

The conversation is strictly for grown men and not the kids like you. Go and play kid.

I found a FaceBook connect module and a module with Janrain support.

These are the module pages:http://www.whmcs.com/appstore/446/Login-Modules-Janrain-Engage.html

http://www.whmcs.com/members/communityaddons.php?action=viewmod&id=1338#discussion

Ij you have an Android phone, Adwords account, or somethink like this, you use your Google account with CC information. I thinks is a good idea for people now is useing this kind of services. Google and twitter is not a good idea for me...

I don't think its require

Not a Good idea ! ! ! Very very Bad. Your Hosting Business is not a Public Online Web Service where anybody can just sign in. ! ! ! it is a Bad Feature ! ! !

@Mur0k0, please think a bit more about it.

The thing is to be able to authenticate through the client's preferred service provider, like Google, Facebook, Twitter, Microsoft, Yahoo, Linkedin, OpenID, etc...

This is possible using OAuth, in fact there are several modules already available for it, like:

http://www.hostthebest.com/socialwhmcs.php

This means that the user would use their preferred method to authenticate instead of remembering another username/password, the client still has to register with his/her contact info and any custom field you want.

The request is badly titled, and not very detailed, but this is the idea, there's no way to accurately get the client's tax info or company details from facebook.

Regards.

Very short sighted, and irrelevant

Having a central auth system is a very good idea. There's nothing to stop me logging into your hosting platform with bogus details anyway ...

All this module would do is utilise an authentication lock between one site and another. Whether they're using valid details one the platform or not, all we're asking is that they can use a centralised authentication token to log in.

Once done, we can then (perhaps) post to their timeline saying they've just bought xyz from us and increase our marketing for free ... a great idea ... if you ask me

We see dozens of signups a day with stolen card data and bogus user info .. the problem exists already .. we live with it (< 1% of signups are actually bad) ... what we want is a better way to interact with our valid customers and their friends through social media

sign in with google button is enough

There are two modules in the WHMCS community addons directory that allow this. Oneall.com and Janrain modules which allow almost all social logins to be used.

Hello, you can use with our mudule for this http://modulim.com/

Yeas need Facebbok log in.......

Customers daily uses facebook, linkedin, google and other social but they often use WHMCS account one time per year to renew services and normally they forgot password and even if there is a logical procedure to obtain a new password the 80% people open a ticket to ask a new password and it dramatically increase support time.

So the propblem is not if do that or not but how to deploy a secure procedure that permit to use this usefull feature.

Wow... that is a little OTT... Credit/Debit cards are encrypted and can only be decrypted by the admin side (unless using a module like Stripe) and usually only show the last 4 digits of the card number - so the thought kinda sinks.

People are thinking that this is going to be a security risk, yet there is no security risks by registering an account, its just a quicker way of registering an account, there are no risks in registering an account on your WHMCS using an existing account elsewhere - you can always disable the feature if you don't want it?

I'd love LinkedIn, Facebook, Titter and Google to be implemented here, any information that isn't available on the 3rd party site can be asked for after linking.

Bad Idea as FB is not a secure system. If you are offering your clients a secure environment this is a bad idea . It would never be implemented on our system.

Definitely disagree with this one. WHMCS time would be better spent on other request (auto update and Stripe payment gateway being my current 2 high priorities).

Please NO Google integration in any way! WHMCS is a financial application, I want to keep data miners as far away as possible.

SSLv3 used to be a good idea, huh Google! We dont need that..

Any feature is optional. What means "Please NO Google integration in any way"?

Please keep your mind open and please think that we all have different needs and views about a subject such this.

Thank you.

Hi guys, i think the process of new order could be a lot of easier, because the customer will do step by step, sometimes isn't necessary too much information, we need just a email and password, but in WHMCS we need a lot of information to be a new customer. With Facebook or Google connect it could be easier, there is a lot of information already in there.

If whmcs can help us integrate google login, and login with clef(using phone to access the website).

Security, real clients, etc will increase.

Thank you whmcs

Instead, allow it as an option. So by default you have to use the standard system. Otherwise you can opt-in for google, facebook, or twitter separately.

This will be the best way of upading whmcs in next level as we can confirm more customer to our system and run business in larger figure as facebook and google is number 1 social platform to engage them in finacially and socially.