Current password not in 'Edit User'?


#1

Er, I’m rubbing my eyes here. I could have sworn the current password was displayed in the edit user dialogue. Well if that’s gone because of the current issues, fair enough, I guess. More passwords to store elsewhere, ho hum.


#2

Looks that way.

I’m not sure how that make it any more secure, since you can still just enter a new password while you’re there.

If someone has panel access, you’re screwed, regardless of whether or not those passwords were displayed.


:stuck_out_tongue: Save up to $96 at Dreamhost with ALMOST97 promo code (I get $1).
Or save $97 with THEFULL97.


#3

Oh no, guess I’ll be resetting some old passwords down the track at some point then.

EDIT: This could be a result of this entry over at the Status Blog


Web Hosting Review | Hot Product Web Directory


#4

[quote]I’m not sure how that make it any more secure, since you can still
just enter a new password while you’re there.

[/quote]

But it would be immediately noticeable when you tried to log in next time rather than letting intruders run free & unnoticed with the old login.


#5

should we also be changing our web admin passwords?