Feature Requests
Share ideas, discuss and vote on requests from other users in community
This object is in archive!
Category
Admin Area
Tags
security
Under Consideration
User Passwords for all Staff Members which have Privileges to Manage / See an Product are able to read the Password.
Example: /clientsservices.php?userid=xxx
I do not desire some of my staff to be able to view service passwords, so request a separate permission for this.
I like this idea
Hi there,
Thanks for your suggestion.
If an admin role didn't have sufficient permission to view a service password, how would you envisage it being displayed? Would the password field be removed entirely? Or perhaps replaced with a message of some kind?
Hello John,
just not readable. For no one. Including every Admin and Site owner.
I think the best way is when the Password files just shows "****".
It should never exist an permission to show an password for an customer product.
When no other way. Permission should the best solution.
EDIT:
Think about yourself. What would you think when you know, that an firm where you are registered can see your passwords?
Comments have been locked on this page!