Radio_Head

Well-Known Member
Verifed Vendor
Feb 15, 2002
2,051
1
343
Hello,

I need to know the password used for each account , but I cannot find them on whm .I need it to verify client identity when he ask me technical support .
Any suggestion ?

Thank you
 

anto

Active Member
Aug 15, 2001
26
0
301
I don't think it's possible since all passwords have been decriptied
(spell?).

However, if you wish you can log in into their home
directory using their username plus root'password.
(by using CPanel, not ftp).

Or if you are reseller, you can also use your client userid
plus your password.
 

Radio_Head

Well-Known Member
Verifed Vendor
Feb 15, 2002
2,051
1
343
So there is really no possibility for ROOT to knows account password ?
 

anto

Active Member
Aug 15, 2001
26
0
301
[quote:c5237a1090][i:c5237a1090]Originally posted by Radio_Head[/i:c5237a1090]

So there is really no possibility for ROOT to knows account password ?[/quote:c5237a1090]

No.
 

BJMG

Active Member
Jul 24, 2002
27
0
151
Work Around

Here is what I do when I need to &verify& a customer as well as suggestions I made to my resellers:

Here is what I do:
When a customer requests help which will require changes to his/her account, I ask for the username/password as if I have it on file. ;)

I then quickly attempt to access his/her cPanel. If I am able to access his/her cpanel, the customer, in my opinion, is verified.

Suggestion # 1:
When an order is placed, most merchant companies will allow you to see at least the first or last (or both) 4 digits of the CC number used. Keep this info on file and use this for verification.

Suggestion # 2:
When you send your customer a welcome message, let them know that they MUST keep their original password on file as the ORIGINAL password will ALWAYS be used for verification.

Suggestion # 3:
If a customer forgets the ORIGINAL password, ask him/her to create a file within his account and have hom/her name it a certain name, one that is not a real word (i.e. - has710sn.htm). If the customer has access to do this, again, it is assumed that he/she is verified.

Suggestion # 4:
When sending the customer a welcome message, include a UNIQUE Client ID & Verification Password. Inform the customer to keep this info on file for verification purposes.

Suggestion # 5:
If you and the customer have access to a fax machine, ask him/her to send you a copy of their State ID (license, passport, etc). This does not necessarily mean that the person sending this info is the original owner, however, you will now have the name, address, and in most cases, either the social security number, or license number, of the person making the request. (Unless you host sites for well-known companies, government officials, and so on, I dont thing the person requesting help will make an effort to create a fake ID to fax to you.

I hope this info gives you a few ideas and solutions to your dilemna (sp?). :)
 

newfield

Active Member
Mar 2, 2002
38
0
306
State of Confusion
Include fields for username and current password in your support request form, and when customer submits support request you access their cPanel using their user/pass. Otherwise, they are not verified.

By the way, cPanel should include a link to the reseller's support desk, anyway, right? Also, how about including open source helpdesk software in the cPanel package, that admins, and/or resellers could use? Such as:
http://www.bestpractical.com/rt/
 

itf

Well-Known Member
May 9, 2002
624
0
316
[quote:f3b769c30c][i:f3b769c30c]Originally posted by newfield[/i:f3b769c30c]

Include fields for username and current password in your support request form, and when customer submits support request you access their cPanel using their user/pass. Otherwise, they are not verified.

By the way, cPanel should include a link to the reseller's support desk, anyway, right? Also, how about including open source helpdesk software in the cPanel package, that admins, and/or resellers could use? Such as:
http://www.bestpractical.com/rt/ [/quote:f3b769c30c]
RT (Request Tracker) could not be used with Cpanel
Some of its disadvantages are:

1) If you use RT with a Shared Apache your system is 100% vulnerable
2) Very High loads of RT
3) RT uses mod_perl (lots of trouble with other modules)
4) Requires an instance of Apache
5) Real support will cost $3000
6) You have to specify a dedicated server to RT for the best secure result
and ...

There are better solutions for helpdesk which are safer

We were using RT before on our DC and canceled this usage and have developed our own customized HelpDesk using php & Perl