Forum-

How can you view a client's account password without changing it in WHM or is this possible?

Thanks,

--JCA Justin

Not possible. Wouldn't that be poor security if the passwd file can be decrypted?

you can login the virtual sites using the virtual sites username and your root pass.

Yeah, but I need to know THEIR passwords, the purpose isn't just for me to login in their cpanel.

Thanks,

--JCA Justin

Not gonna happen... I myself know MANY would be very mad if their host could look up their password at any given time. The best you could do is change it on them.

What would you need to know Their passwords for anyway?

If you needed to get into phpMyAdmin from their control panel, you'd need it, for instance.

You don't need to get into phpmyadmin for them if you just install phpmyadmin to an area you can reach outside of their Cpanel and use the root mysql user to access that . Then you can view/edit all users mysql . For example install phpMyadmin to a site you have setup, lets say the server name is NS.SERVER!.COM then create a site named mysql.server!.com and install phpMyadmin to mysql.server!.com/phpMyadmin , now just use the mysql root to access that when you call it in a browser. I hope this makes sense, but there never is a need to have a users password unless you plan on using their email or ftp username .... perhaps for troubleshooting ?

Yep, troubleshooting. I know that we can reach everything using the root password. However, there are some times when you just want to walk through exactly what the user is doing, start to finish, to see if you can recreate an issue they are experiencing. Email, FTP - those both count as well. We don't like to just arbitrarily change user passwords, even for testing, since 80% of the time, they use the same password for everything, or don't provide an off-network address for email issues, and so on. Most users will understand when you request their password for troubleshooting purposes, and will appreciate the fact that you can't see their password to start with. If they feel uncomfortable, change it for testing. They can always change their password if they've given it to you for testing purposes. There is a lot of potential for missed communications and/or the creation of other issues while testing if a change is made immediately. Forutnately, for most of the things we do, we can get through using the root password and then just create a new email account (for instance) to test. But there are times when having that password is pretty darned useful.

I agree, but since security prevents it and always should. There is no harm in asking a client what they have set the password to or get permission in advance to reset the password while you try to help them. Well, I've got to run for now. See ya

Difference of opinion, that's all. I would note that passwords are visible in the Alabanza DSM (as you know).

Thanks everyone for your input. The purpose for the passwords is that I am moving servers and I wanted to set the passwords on the new servers as the same on the current server. But I think now what I will do is just change the passwords and re-issue them.

Thanks again,

--JCA Justin