Can CPanel please add this password feature?
Hey,
Would the cpanel devs please consider adding function to WHM that allows the ROOT user to see peoples account passwords? Or is there a mod I can do that will allow me?
It gets annoying because I create accounts and then people change the passwords, then when I goto check the account to make sure its got valid materials I cannot login and I dont want to reset the peoples accounts.
How can I make WHM let me see the account passwordS when logged in as ROOT?
cPanel.net Support Ticket Number:
It would be unsafe to allow that.
If you administer the server you have access via shell. If you need to look in password protected areas you can change .htaccess to let you in. You can use root password to access their control panel, mail, stats. You can even use command line to setup a hidden ftp account so you can download from their space.
You'll have to figure out how to do this, it can be done, but i don't do it myself.
cPanel.net Support Ticket Number:
Michael
oh ok thanks a lot. I am using the log into their cpanel with my root password thing.
cPanel.net Support Ticket Number:
Yes, you can get into some things with the root password. But wait until you have a problem with phpMyAdmin. Oops, can't get in with the root password.
It's hilarious to me that root can change someone's password, but they aren't allowed to see what the current one is.
I'm sorry, that doesn't make any sense to me.
Our clients would love it if we didn't have to continually ask them for their password or worse, change it on them (you do know that also changes their main emailbox password too, right?) So, do we we say, sorry, I'm working on your phpMyAdmin problem, you won't be able to get email for however long it takes us. Or do you email them the new password, but they can't get it, because you've changed the password - wuhahahaha.
Or I know, you could send them an email that says, we're changing your password so we can get into your account. Let us know when you got this email so we can actually make the change. Then, since it's a web designer you're dealing with, they email their client, the end user. They wait to hear back from their client, who is completely alarmed at the idea that their password is going to change and has no idea how to change it in their email client. Then you wait to hear back from the web designer. Then you can go in and correct the problem that would've taken you 5 minutes to fix if you'd had the frickin password to begin with.
Someone please explain to me how it makes sense that we can go in and change their password, but we can't know the one it is currently. What kind of security is that?
cPanel.net Support Ticket Number:
Please vote in the poll:
http://forums.cpanel.net/showthread....threadid=13106
cPanel.net Support Ticket Number:
The difference between a secure one-way hash and an insecure decodeable password. The correct type of password encrypting is one way hash - it cannot be decoded, yes, I'm saying impossible - that's security. The type of password you want would have to be stored as plain text or as a decodeable encoding (it might as well be plain text).
You are confusing convenience with security, plain text passwords would be more convenient, but they are a lot less secure.
You can access people databases by setting up your own phpmyadmin that uses the mysql root. There is never a need to use the customers phpmyadmin. I have been sysadmining my own server for 18 months, if the customer has a problem they want me to check (can't access mail - then they need to provide the password). How else can you properly isolate the cause of the problem!
cPanel.net Support Ticket Number:
Michael
Well I get into database just fine using the root user and password. I go to phpmyadmin using one of my cpanel accounts like so,
https://domain.com:2083/3rdparty/phpMyAdmin/index.php
It will ask you for the user and password, you just enter the root usr and pass and your all set.. This works for everyone of my server's and I don't see why it won't for any of you..
On a side note, don't go into the control panel, use that direct link to access it so that it ask for the user and pass..
cPanel.net Support Ticket Number:
I don't think it's a good idea to post/show the passwords. It's just as easy to change them back to the default when the account was created. LOL...... also teaches them to start keeping important information on paper.
cPanel.net Support Ticket Number:
After all is said and done, a lot more will be said than done.
I tried this and it didn't work. I used the direct link and also port 2082, but just got wrong user/pass message.Originally posted by NeutralGold
Well I get into database just fine using the root user and password. I go to phpmyadmin using one of my cpanel accounts like so, https://domain.com:2083/3rdparty/phpMyAdmin/index.php
It will ask you for the user and password, you just enter the root usr and pass and your all set.
Accessing a client DB is the only reason I would like to know a users password. If it were possible to get this, I'd be all set.
I've noticed a couple posts referring to /etc/passwd, but how does this give you a user's password? Anyone? I can't see them.
How do you do this? Would you mind posting instructions or pointing to a helpful website? Thanks!Originally posted by rs-freddo
You can access people databases by setting up your own phpmyadmin that uses the mysql root.
Last edited by jcsolutions; 08-05-2003 at 08:47 AM.
Well I don't understand then, it has allways worked like a charm for me and not only on one server either.
cPanel.net Support Ticket Number:
also.....
Installing a copy of PhpMyAdmin isn't to difficult either. I also know of a pretty simple script that lets you access databases and all you need to do is upload it and there you go, I wouldn't recommend uploading it to a domain name that didn't have SSL as you would be sending your password insecurely..
http://www.mattsscripts.co.uk/mpanel.htm
cPanel.net Support Ticket Number:
are you guys serious?
cPanel.net Support Ticket Number:
What are you talking about?Originally posted by mjm
are you guys serious?
cPanel.net Support Ticket Number:
cPanel.net Support Ticket Number:
adding the ability to view passwords is not a good idea at all.
if you have 'root' you can do _anything_ on the system you want. you dont need users passwords to do so.
if you dont understand this you should not be admin'ing anything except your mothers windows '98 workstation.
cPanel.net Support Ticket Number:
mysql -u root -pAccessing a client DB is the only reason I would like to know a users password. If it were possible to get this, I'd be all set.
*snap*
cPanel.net Support Ticket Number:
LinkBack URL
About LinkBacks
Reply With Quote