Dlf Posted October 11, 2005 Share Posted October 11, 2005 Well I thought of some ideas for the ACP, I also added a poll; and excuse me if I mistype anything, I have a headace.ID, Display name, two passwords, logged in for x amount of mins, Reason for going in. Also vote in the poll. [*]ID - By this on the main screen the person/people/thing entering the ACP has to give a ID, if it gives a invaild ID it can't get in. [*]Display name - By this, you also need to input a display name of a|the admin account [*]Two passwords - With this the (Person|people|thing) has to enter two passwords to get into the ACP [*]Logged in for - This would allow a admin to set how many minutes/seconds/amount of time they will be in the ACP; once that amount is up they need to log in again. So like in some Libraries that make you fill out a form to get on the internet; this would be like the name, also with the YOU HAVE (X AMOUNT OF TIME LEFT BEFORE YOU NEED TO LOG IN AGAIN!) [*]Reason for entering ACP - This would make the person/thing/object enter a reason for getting into the ACP. If the ACP (or something) detects a mailcous use; it won't let the person in for a couple of {minutes, hours, days?).ALL OF THESE WOULD BE OPTIONAL Link to comment Share on other sites More sharing options...
.John. Posted October 11, 2005 Share Posted October 11, 2005 Yes/Yes Link to comment Share on other sites More sharing options...
Cody Woolaver Posted October 11, 2005 Share Posted October 11, 2005 i think a lot of those ideas especially the reason for entering the ACP would be annoying :P Link to comment Share on other sites More sharing options...
Dlf Posted October 11, 2005 Share Posted October 11, 2005 Anyone else think matt should or shouldn't add these in? I"m just trying to add more securtiy to the ACP. With these on it could lower the chances of getting (h)(c ) racked. Link to comment Share on other sites More sharing options...
CharlesC Posted October 11, 2005 Share Posted October 11, 2005 Definitly a reason for going in ACP, for those stupid co-admins who like to abuse their power <_< Link to comment Share on other sites More sharing options...
CG DAGinator Posted October 11, 2005 Share Posted October 11, 2005 Yes/Maybe/Yes/Yes only if it's set by the main admin - meaning the main admin set's a time limit for everyone/No Link to comment Share on other sites More sharing options...
.SiLlY. Posted October 12, 2005 Share Posted October 12, 2005 I like the reason request. The others though i think are kind of harsh and would be a pain to yourself eventualy. I think if you have that many worries about what your staff might be doing or not doing.. they shouldnt be admins. Just a thought. Link to comment Share on other sites More sharing options...
cojo Posted October 12, 2005 Share Posted October 12, 2005 Anyone else think matt should or shouldn't add these in? I"m just trying to add more securtiy to the ACP. With these on it could lower the chances of getting (h)(c ) racked. IMO the admin filename itself ought to be configurable without having to change any code files to handle this. Adding HTTP Authentication on that file and/or restricting IP ranges are good ways to deter hackers. Link to comment Share on other sites More sharing options...
starlightie Posted October 12, 2005 Share Posted October 12, 2005 Not bad if the admin could control which one showed. There should be a master ACP password so people would have to provide their password and the master ACP password, which is what I think you meant. But admins should be able to take off any of those options... Link to comment Share on other sites More sharing options...
ZainZ Posted October 12, 2005 Share Posted October 12, 2005 How about verifying your thumb print too ? Link to comment Share on other sites More sharing options...
Bamfer Posted October 12, 2005 Share Posted October 12, 2005 How about a sample of blood? lol! Security is fine but overdoing it I think would make some, including me, irritated that I have to put in a password everytime I wanted to do something in the ACP. However, if I want to make someone an Admin and give them limited access to the ACP that would be a great feature. Just check off what you want the Admins on your board to have access to and you are good to go. XMB software has only four staff groups at the moment by default. Super Admin - access to all areas of the ACP Admin - has the same access rights as the Admin but can't run SQL or look into member PM boxes. SuperMod - all areas of the board but no ACP access. Moderator - only has this ability in the areas of the board they are assigned to. Personally, if IPB could create an area where we could make someone Admin but give them access to areas of the board we wish them to have access to. This would be a great feature. :) Link to comment Share on other sites More sharing options...
RObiN-HoOD Posted October 12, 2005 Share Posted October 12, 2005 Reason for editing is a must!!!!! Link to comment Share on other sites More sharing options...
Mr Incr3dible Posted October 12, 2005 Share Posted October 12, 2005 Yes/Yes what he said :thumbsup: Link to comment Share on other sites More sharing options...
UBERHOST.NET Posted October 12, 2005 Share Posted October 12, 2005 If you keep your UserID name hidden then you already have, in effect, two passwords to enter ACP. Link to comment Share on other sites More sharing options...
sterss Posted October 12, 2005 Share Posted October 12, 2005 Yes/Yes Link to comment Share on other sites More sharing options...
Dlf Posted October 13, 2005 Share Posted October 13, 2005 I am actually surprised people would like this idea/like my ideas. It's rare for anyone to even listen to me (talking/other wise). Link to comment Share on other sites More sharing options...
Dlf Posted October 16, 2005 Share Posted October 16, 2005 Anyone else think these should be added? Remember these WOULD BE OPTIONAl. You could have say the ID and reason on but the others off. Link to comment Share on other sites More sharing options...
hartzr Posted October 16, 2005 Share Posted October 16, 2005 Use truly strong passwords and you won't get hacked. (in theory) :P Link to comment Share on other sites More sharing options...
Davidcopperfield Posted October 16, 2005 Share Posted October 16, 2005 onally, if IPB could create an area where we could make someone Admin but give them access to areas of the board we wish them to have access to. This would be a great feature. :) I have already posted about this feature Here: http://forums.invisionpower.com/index.php?...opic=173089&hl= "Firstly, what is even more important is to insert two functions of and Main ADMINISTRATOR whose power would be over whole forum and minor ADMINISTRATOR that would manage only certain subforum; f. ex. let us suppose that I manage many groups of students. Each university/college could have their own administrator to change the graphics in their area of forum to manage Moderators and so on Minor Aministrator ACP would have executions' limitations to one or several subforums- Excelent when merging a couple of forums. No-one feels downgraded. This Administrator outside the manageable area would be avarage user with no privileges. The Main Admibnistrator ,could of course, manage every nook of the whole forum board." Link to comment Share on other sites More sharing options...
SnowBlower Posted October 17, 2005 Share Posted October 17, 2005 I don't like any of the ideas, but if it's optional, I guess it doesn't hurt anyone. Link to comment Share on other sites More sharing options...
Management Matt Posted October 17, 2005 Management Share Posted October 17, 2005 Personally, if IPB could create an area where we could make someone Admin but give them access to areas of the board we wish them to have access to. This would be a great feature. In IPB 2.1.x, there is the ACP -> Admin -> Admin Permission Restriction section where you can configure exactly which sections your admin can access. I don't think there is much of a need to add more layers of obfuscation to the log in process. It'll annoy 100% of the administrators and be less than 1% effective in keeping hackers out. I'm not aware of many situations where a hacker managed to correctly 'guess' an admins password off-the-cuff. Choose a strong password and make weekly back-ups and keep the convenience of a quick log in procedure. Link to comment Share on other sites More sharing options...
ZainZ Posted October 17, 2005 Share Posted October 17, 2005 Whats the quick login procedure? Link to comment Share on other sites More sharing options...
Antony Posted October 19, 2005 Share Posted October 19, 2005 Not bad if the admin could control which one showed. There should be a master ACP password so people would have to provide their password and the master ACP password, which is what I think you meant. But admins should be able to take off any of those options... What would a master ACP password do? It wouldn't increase security one bit. How about verifying your thumb print too ? :lol: Retina scans anyone?I don't like any of the ideas, but if it's optional, I guess it doesn't hurt anyone. Yeah, it does, its more bloat to the software. If people have good passwords none of these measures are going to stop hackers. If I had to write a reason every time I logged into the ACP I would go mental. These features would be best as a mod. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.