youds
Verified User
Hi
The Email Level Plugin has been a huge success so far.
However a strange call today brought to my attention a scenario.
A list of emails was provided to the company director who has a PA.
The PA has left, and the company director wanted to know why his password may of changed.
It turned out the company director had misread his password.
New email passwords should either be sent to an existing email address and/or an assigned company contact. If they are too stupid to destroy the peice of paper despite our advice, once everyone's been told of their password and it gets filed away, anybody with access to the print out and the computers with the passwords on it could change the password using the plugin and also change it on their colleges PC......
So OK, not our problem? Or should DirectAdmin have a password expiry feature for all email accounts with the plugin? "Set my password to expire every 90 days"
The Email Level Plugin has been a huge success so far.
However a strange call today brought to my attention a scenario.
A list of emails was provided to the company director who has a PA.
The PA has left, and the company director wanted to know why his password may of changed.
It turned out the company director had misread his password.
New email passwords should either be sent to an existing email address and/or an assigned company contact. If they are too stupid to destroy the peice of paper despite our advice, once everyone's been told of their password and it gets filed away, anybody with access to the print out and the computers with the passwords on it could change the password using the plugin and also change it on their colleges PC......
So OK, not our problem? Or should DirectAdmin have a password expiry feature for all email accounts with the plugin? "Set my password to expire every 90 days"
