5
Option to prevent users from choosing own password
- Open
- Subscribe
|
D |
Dries Pattyn |
For security purposes, it could prove more secure to prevent users from choosing their own password while configuring or changing e-mail accounts, databases, ftp or directadmin accounts.
E-mail accounts, databases and or ftp accounts are configured fixed into applications. There is no need to remember a password.
A new directadmin option (to be configured in directadmin.conf) that only allows randomly generated passwords to be used while users are setting or changing a password.
Activity Newest / Oldest
Richard G
As long as it's a switchable option, seems a good suggestion.
However, it should be still visible to the user after creation. They need to be able to store it somewhere in case they use another application, or for example reinstall database application and such or change ftp application.