Posted by: itchysox
Posted on: 2007-06-07 01:49:00
Er, I'm rubbing my eyes here. I could have sworn the current password was displayed in the edit user dialogue. Well if that's gone because of the current issues, fair enough, I guess. More passwords to store elsewhere, ho hum.
Posted by: seiler
Posted on: 2007-06-07 02:40:00
Looks that way.
I'm not sure how that make it any more secure, since you can still just enter a new password while you're there.
If someone has panel access, you're screwed, regardless of whether or not those passwords were displayed.
Posted by: Shonky
Posted on: 2007-06-07 03:01:00
Oh no, guess I'll be resetting some old passwords down the track at some point then.
EDIT: This could be a result of this entry over at the Status Blog
Posted by: number-six
Posted on: 2007-06-07 11:04:00
>I'm not sure how that make it any more secure, since you can still
> just enter a new password while you're there.
But it would be immediately noticeable when you tried to log in next time rather than letting intruders run free & unnoticed with the old login.
Posted by: macinarizona
Posted on: 2007-06-07 11:57:00
should we also be changing our web admin passwords?