The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Suggestion for a better "email Password"

Discussion in 'E-mail Discussions' started by rs-freddo, Mar 12, 2004.

  1. rs-freddo

    rs-freddo Well-Known Member

    Joined:
    May 13, 2003
    Messages:
    832
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Australia
    cPanel Access Level:
    Root Administrator
    The current "email changed password" sucks. Anybody can change the password of any user.

    This should really be a 2 step process.
    1) person cannot login to cpanel and clicks "change password".
    2) email sent to user with url to click if they really want to change password. They click and the changed password is emailed.

    The url could contain a crypt hash of their email address to allow verification without extra database storage. The salt would be changeable on a server to server basis (under tweak settings). The salt would be cut off the emailed hash.

    Advantages:
    * Email can only be changed by user.
    * If user email address is incorrect the password is not changed.
     
    #1 rs-freddo, Mar 12, 2004
    Last edited: Mar 12, 2004
  2. rs-freddo

    rs-freddo Well-Known Member

    Joined:
    May 13, 2003
    Messages:
    832
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Australia
    cPanel Access Level:
    Root Administrator
    message they get if they didn't login.
     
  3. BrightAdmin

    BrightAdmin Well-Known Member

    Joined:
    Feb 29, 2004
    Messages:
    204
    Likes Received:
    0
    Trophy Points:
    16
    Hi michael,

    Try to remove the link "Change Password" from Cpanel. Add a "change password" plugin in your webmail, that will allow only the user to change the email password. If you want to secure more regarding this, try to implement a script with the features you need.

    Regards,

    Bright:)
     
Loading...

Share This Page