Jump to content

Admin CP passwords


KT Walrus

Recommended Posts

Posted

Maybe I missed it, but I'd like to have a separate password for the Admin CP from the forum password for the admin account.

I know I could probably just create a separate account for accessing the Admin CP, but it is more convenient to admin both the board and the Admin CP from the same account. Since you have to log into the Admin CP from a special login page, it makes sense to me that the Admin CP password be completely separate from the board password.

Posted

So, you wish to have a different primary login? Just use .htaccess. I could never get it to work on a linux dedicated server, but I know they work with cPanels, etc.

Posted

[quote name='Dark Slipstream' date='28 August 2009 - 01:02 PM' timestamp='1251478931' post='1849865']
So, you wish to have a different primary login? Just use .htaccess. I could never get it to work on a linux dedicated server, but I know they work with cPanels, etc.


Not really. I just want my Admin CP password to be different than my board password. That's all. I already protect my admin cp using the webserver. I suppose I could add HTTP authentication for the webserver, but it would be simpler to just store the admin cp passwords separately and let me change this password independently of my board password.

Posted

I've thought about something slightly along those lines, there are a couple of small modifications about that add another password input to the actual ACP login (so you need your usual password and another separate one too)

Although if a hacker got control of the filesystem, this is moot really.

Posted

[quote name='No1 1000' date='28 August 2009 - 02:31 PM' timestamp='1251487866' post='1849919']
An .htaccess password would be easier and more effective in keeping out unwanted people than giving a second, separate ACP password.

That as well as renaming your admin directory and restricting it to valid IP addresses through the .htaccess.

..Al

Posted

[quote name='AtariAge' date='28 August 2009 - 03:49 PM' timestamp='1251488960' post='1849929']
That as well as renaming your admin directory and restricting it to valid IP addresses through the .htaccess.

..Al

Personally, that seems rather excessive, especially with the existence of dynamic IPs. If someone manages to get through the htaccess protection, you've got bigger problems to deal with.

Is it still possible to rename the directory in 3.0?

Posted

[quote name='No1 1000' date='28 August 2009 - 02:53 PM' timestamp='1251489191' post='1849931']
Personally, that seems rather excessive, especially with the existence of dynamic IPs. If someone manages to get through the htaccess protection, you've got bigger problems to deal with.

Is it still possible to rename the directory in 3.0?



Yes, it is. And much the same way as before.

Also, by adding htaccess protection (with a strong password) to the directory, I can't see how much more secure it would be to add yet another password to the mix.

Posted

[quote name='No1 1000' date='28 August 2009 - 02:53 PM' timestamp='1251489191' post='1849931']
Personally, that seems rather excessive, especially with the existence of dynamic IPs. If someone manages to get through the htaccess protection, you've got bigger problems to deal with.

Is it still possible to rename the directory in 3.0?

I don't have an additional password on my admin directory, but I do have it restricted to the IP addresses I use. Why is that excessive?

Yes, you can easily rename the directory.

..Al

Posted

[quote name='AtariAge' date='28 August 2009 - 08:49 PM' timestamp='1251488960' post='1849929']
That as well as renaming your admin directory and restricting it to valid IP addresses through the .htaccess.

..Al


That makes the support techs angry :P

Posted

[quote name='Mark' date='28 August 2009 - 04:38 PM' timestamp='1251495529' post='1849974']
That makes the support techs angry :P

Yeah, it can be a pain. :)

..Al

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...