How have Lost password user?
- Thread starter DRKT
- Start date
nobaloney
NoBaloney Internet Svcs - In Memoriam †
Linux servers cannot send the password because they cannot retrieve the password; it's stored in a one-way encode.
You can't write a program that will automatically change the password for any user that requests it, and then email the information to the email address on file for the user because the user won't be able to log in to get it.
You could do something if DA required each user to have another email address at another server, but it doesn't (and probably shouldn't for lots of other reasons), so you'll have to have your own method of recognizing the user (do you know his/her voice) and changing it manually.
Jeff
You can't write a program that will automatically change the password for any user that requests it, and then email the information to the email address on file for the user because the user won't be able to log in to get it.
You could do something if DA required each user to have another email address at another server, but it doesn't (and probably shouldn't for lots of other reasons), so you'll have to have your own method of recognizing the user (do you know his/her voice) and changing it manually.
Jeff
It could be possible that DA could store a password in it's own database and then use a script to actually set it on the server. Hence you would be able to set something up to email the password.
However, I think only DA could really do this and it opens up a whole lot of other issues.
Don't Cpanel and Hsphere have some sort of lost password scheme? I'm assuming in the fashion that I am talking about. Lost passwords have to be our top 3 support call, so it can be a pain to manually.
However, I think only DA could really do this and it opens up a whole lot of other issues.
Don't Cpanel and Hsphere have some sort of lost password scheme? I'm assuming in the fashion that I am talking about. Lost passwords have to be our top 3 support call, so it can be a pain to manually.
nobaloney
NoBaloney Internet Svcs - In Memoriam †
I sure hope DA never does that; I think if they did I'd probably have to look for another control panel.rldev said:
Jeff
matrixx
Verified User
jmstacey said:
Yes I think it's MD5 coded ??
So the user would just have to enter their username email address in a lost password box - DA would MD5 the email address entered and compare it to the md5 stored - if it matched reset the password and mail it to the original email address.
Great in theory
Are there any downsides to this way?
Rob
Well I do know that all the major control panels have some sort of password retrieval system. Some generate a new password, some store passwords in an encrypted database. I'm not sure which do which 
I would like to see a addition or option for DA that resets the user password should they request it. Since the inital welcome email will have the password, I don't really see a problem emailing a reset password to the email address on file.
If security was the only thing that mattered, we wouldn't be using a control panel in the first place.
I would like to see a addition or option for DA that resets the user password should they request it. Since the inital welcome email will have the password, I don't really see a problem emailing a reset password to the email address on file.
If security was the only thing that mattered, we wouldn't be using a control panel in the first place.
nobaloney
NoBaloney Internet Svcs - In Memoriam †
What if the mailbox in the DA system is served on the DA box, and is the one the user is trying to get the password formatrixx said:
.Jeff
matrixx
Verified User
jlasman said:What if the mailbox in the DA system is served on the DA box, and is the one the user is trying to get the password for
Jeff
LOL - I knew ther had to be something! So..
If it asked for the address used when setting up the user this *should* not be in the same account or they would have had delivery problems of the welcome email.
It would still create a problem if they changed it afterwards etc etc but thats the time to pick up the phone and call your hosting company!! (one excellent reason to go for a hosting company with phone support)
Rob
nobaloney
NoBaloney Internet Svcs - In Memoriam †
We run retail business at several price points...
Cheapest: email support only (we're going to outsource this as soon as it's enough).
Midrange: phone support, run your own control panel.
Highpriced: call us up and tell us what you want and we do it.
Jeff
Cheapest: email support only (we're going to outsource this as soon as it's enough).
Midrange: phone support, run your own control panel.
Highpriced: call us up and tell us what you want and we do it.
Jeff