media Posted April 12, 2011 Posted April 12, 2011 I am a little uncomfortable with the way client area is showing my server information... The passwords should be covered with ********* .. Possible hacking or a password highjack, the person will get all she/he wants from system... The password field should not be visible to front end person except backend... I hope it makes sense.. :) Thanks
Guest Technical Support Posted April 12, 2011 Posted April 12, 2011 The passwords are most likely encoded with md5+salt encryptions after you submit it. You should only worry if you think your household partner(s) are going to steal your site. :lol:
Fishfish0001 Posted April 12, 2011 Posted April 12, 2011 The passwords are most likely encoded with md5+salt encryptions after you submit it. You should only worry if you think your household partner(s) are going to steal your site. :lol: How are they possibly encoded if they can be shown as plain tet front-end unless IPS is using their own hashing algorithm that they can decode. Its probably plain text.
media Posted April 12, 2011 Author Posted April 12, 2011 The passwords are most likely encoded with md5+salt encryptions after you submit it. You should only worry if you think your household partner(s) are going to steal your site. :lol: I do not like this kind of answers, you do not have to answer if you cannot read the original post.... Sad <_<
Guest Technical Support Posted April 12, 2011 Posted April 12, 2011 I do not like this kind of answers, you do not have to answer if you cannot read the original post.... Sad <_< I read your original post, media. However, I am not sure what kind of answer you want. Obviously Invision Power Board takes security very seriously. So, even if they did store them as plain text, I'm sure it's safe. Otherwise, the database would have been compromised by now. I hope that answer satisfied you. Have a great night!
Kessler Posted April 12, 2011 Posted April 12, 2011 Obviously Invision Power Board takes security very seriously. Yes we do. The information that media is referring to is information saved on the account for our use when working on a ticket to resolve an issue. As such, if it were to get encrypted it would be useless to us and a waste of time to the customer to put the information in. @media What you can do is to change or remove the information when it's not needed. Then if you need to submit a ticket, make sure that the information is available so we don't have to ask for it and can address your ticket sooner. When the issue is resolved, just remove it again.
Mark Posted April 12, 2011 Posted April 12, 2011 Do you mean a hosting account with us? If so, the password has to be shown somewhere, how else would you know what it is? :)
3DKiwi Posted April 12, 2011 Posted April 12, 2011 When I look in the Client area I see all of my old support tickets. In these tickets are listed passwords for my admin account at my forum, ftp, database, cpanel, WHM, SSH etc. I see no way of deleting these old tickets that contain all of my passwords. Then in the Client Centre under "Purchases" if you go into your "IPB Standard Licence" there's a page for filling in all of your passwords. Could be this is what the member is referring to. This saves having to list them in your support tickets. Attached is this page. I choose not to fill it in. 3DKiwi
media Posted April 12, 2011 Author Posted April 12, 2011 I read your original post, media. However, I am not sure what kind of answer you want. Obviously Invision Power Board takes security very seriously. So, even if they did store them as plain text, I'm sure it's safe. Otherwise, the database would have been compromised by now. I hope that answer satisfied you. Have a great night! You did not read my first post and you made fun of my question... that's i do not like... Period... GO AWAY... @media What you can do is to change or remove the information when it's not needed. Then if you need to submit a ticket, make sure that the information is available so we don't have to ask for it and can address your ticket sooner. When the issue is resolved, just remove it again. Yes I was talking about this part... Himmmmm.... Ok I understand... Thank you for your explanation... :)
Guest Brandon S. Posted April 12, 2011 Posted April 12, 2011 I see that English is not your first language. I am sorry if you thought my reply was making fun of you. However, it wasn't.
media Posted April 12, 2011 Author Posted April 12, 2011 I see that English is not your first language. I am sorry if you thought my reply was making fun of you. However, it wasn't. Woww you are something ha... You sent me a private message and that's not enough you sent anohter message here... What is wrong with you? Instead of helping people trying to prove something.... So from now one you are going to try to figure out whose first lang is English????? Please go away....
Kessler Posted April 12, 2011 Posted April 12, 2011 The OP has made his concerns known and as always, feedback is how we learn how to keep our customers happy. Since the conversation seems to be taking a decline in usefulness, I'm going to go ahead and lock this topic before it gets any worse.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.