Thread: User Passwords
View Single Post
  #7  
Old 17th May 2008, 13:32
PoleCat PoleCat is offline
Member
 
Join Date: Mar 2007
Posts: 57
Thanks: 6
Thanked 3 Times in 3 Posts
Default

Quote:
Originally Posted by flipkick
What about sending your customers the password in a salutatory email? And maybe your team via CC? There's an option for this in ISPConfig.
Yes I do send the customers the passwords, but being customers they loose it, or its easier for them to call up and ask for the password. I cant tell the customer he's a freegin idiot for not having a photographic memory to remember his password.

We send cc emails to a central email account, though this is time consuming to admin this and compile a excel spreadsheet with passwords and keeping them all up to date, then only 1 person can access the spreadsheet else it will be out of sync etc etc etc. Also have passwords on file is not how I want to run the business, a disgruntled employee can easily e-mail or copy the file, go home and do some serious damage, or read the email for employees months after he dismissed. I cant change the passwords of every customer (over 200) when a employee leaves.

When I used to work for a hosting company in London, they had the passwords all stored for all servers in a sql database, and you had to click on "view passwords" under that account to access it. Once you have clicked it the system logs the person (sql user account that is logged in) that requested the passwords in a log which is viewable in the page when you click "view passwords". That way you can see what employee made what changes to the passwords and when and it can help you trouble shoot any errors or password changes that might/should not of happened. etc etc. This also improves security as your employees now can see they are being logged when they view or change a password. The logging of this can also help you see if the client changed the password and if its his mistake etc etc.

Maybe I'm asking for a too advanced system.
Reply With Quote