Clear Passwords

[Agosto]

This was already very discussed but seems not to have consensus and therefore I insist.
The passwords are defined by the administrator of the system and not by the user. Maybe y ou can put an option to use clear passwords or incripted. In the option of clear passwords these would be attributed automatically by the system. So there would not be the problem of knowing common passwords of the user. This waywe solve the problem of a client that have configured several programs, for example for access to a ftp area, and don't remember the password and would have to reconfigure all the programs. Perhaps you can also separate the ftp passwords of the email passwords … This will help a lot.


Agostinho

[falko]

I'm sorry, but we won't store clear-text passwords in the database. It's a huge security risk!

[Agosto]

And if while installing the ISPconfig it creates an algorithm that allows to store the password in a safe form but also to recreate them?

[falko]

But if you can recreate them, they aren't safe...

[Agosto]

they are not clear to any one that connect to the database. And the "code" can be diferent for each instalation. This way no one can recreat the password of other system. Only that system can recreat it and resend it to the user. The passwords with md5 can also be "recreated". At least there can be an option to use md5 or other encryptation. In my case, like in many cases, I only use the system for a few (about 20) sites for me.

[AlArenal]

I totally agree with Falko. Passwords have to be stored as safe as possible on the server. Everything else compromises security and therefore is not an option at all.

You can think about mechanisms to automatically create new passowords and send them as e-mail with a confirmation link, but that's it. If someone likes to use a common password (which he shouldn't) and cannot remember (How common is it, then?) then he/she will have to change it back afterwards.

It's okay to have the system assist a user if he/she forgot a password (which should not occur anyway) but it's not okay to compromise security, not even as an hidden option in the config file.

What I would like to see is a password field for newly created items that's filled with a relatively secure random password per default. Make it an optional setting, if one Admin doesn't like it and/or let him/her define the rules for passwords like "must contain digits", "must contain special characters", "must be at least x characters long", "must contain upper and lower case", etc.

[Agosto]

I really don't understand. The passwords are created by the "system administrator" and not by the user, sow they are not "common" to the user. And if you use rules for the password they can't be a user common password because every site uses different rules. The passwords are used to configure any email or ftp program that store it and not for authentication in any page. Many of the users use it one time to configure the program and don't know how to change the password. They just use the one the administrator give theme. This is the problem of don't remember the password because they don't use it every day, only when they have problems with some program and need to reconfigure it again. I have a client that use ftp for communications between 4 stores. If we ask me for the password because we need to reconfigure one store I will give him a new one and he have to change the configuration on all the stores. A solution can be an option to use user defined password or system passwords and in this case the passwords are created by the system and can't be changed by the user. This way you never have common user passwords.
This is my idea from my experience and I my last replay for this