I was wondering what all you guys do. Do you back up all user passwords on some sort of removable media in case they loose there information? I'm not sure if this is a good thing to do. What do you guys think?

Just reset them if they forget them.

Andrew

Well I thought about that but I didn't want to make the customer think that I wasn't referencing things. Or make them think that somehow I didn't care.

Always keep all your users password informations in a secure place. A good system is to ask your clients to update their password when they change it somewhere on your server.

Originally posted by Ultrix Hosting
Well I thought about that but I didn't want to make the customer think that I wasn't referencing things. Or make them think that somehow I didn't care.

On the other side, I don't want my customers think that I can messed up with their files so I always recommend them to change their password soon as they got the account.

Like Andrew said, "Just reset them if they forget them", that will make your customers feel comfortable. ;)

But well.... we got Admin and root access so with or without their passwords we can still get in :P
Anyway personally I feel its best that we don't keep user passwords because some people actually have 1 common password for everything... bank account, web site, forums, coporate login stuff etc etc

The "Just reset them if they forget them", is the best option and its what I do whenever I am given that situation.

Originally posted by galacnet
But well.... we got Admin and root access so with or without their passwords we can still get in :P
Anyway personally I feel its best that we don't keep user passwords because some people actually have 1 common password for everything... bank account, web site, forums, coporate login stuff etc etc

The "Just reset them if they forget them", is the best option and its what I do whenever I am given that situation.

Very much agreed... I actually give them a random password to begin with... Then they can change it in cpanel as they wish (although some request that I do it from my end because cpanel's password changer thing is SOOOO picky... but thats a different story). I don't WANT their password. ;)

Not only passwords, all the information of your users should be backup up periodically keeping in mind the privacy and security of your users.

There is no reason to save passwords. I do keep a copy of the initial order forms, however in many cases the password will be changed by the client. With root access, it doesn't matter. You can reset their password if requested.

We don't keep passwords on file. ModernBill keeps the one they signed up with on file, but if they change it in Cpanel...it won't match.

If a customer asks me for their password I simply tell them "We only have your original password on file. We can reset it and email it to the address we have on file for that account."

We don't need customer passwords. We are root. :D

--Tina

I usually just reset the password to something either of their choosing or a random generated one on this end. As for my passwords, call be paranoid, but I have them written down in a notebook in a form only I would know. To top it off, the notebook is locked in a briefcase and is hidden in an undisclosed location ;).

Regards,
Waylon

Originally posted by Velostream
I usually just reset the password to something either of their choosing or a random generated one on this end. As for my passwords, call be paranoid, but I have them written down in a notebook in a form only I would know. To top it off, the notebook is locked in a briefcase and is hidden in an undisclosed location ;).

Regards,
Waylon

/me holds up briefcase.


You mean this one? :D

--Tina

Originally posted by NetHosted-Andrew
Just reset them if they forget them.

never save any pass anywhere to avoid probs with ur customers

Originally posted by Velostream
To top it off, the notebook is locked in a briefcase and is hidden in an undisclosed location.

That must make it tricky to find if ever you need it yourself.

I have my passwords in a box with a proximity sensor that kicks off a self -destruction if anyone gets within 10 yards of it. Of course they have to get past the barbed wire fence, the Rottweilers and the mother-in-law first.;)

Originally posted by galacnet
some people actually have 1 common password for everything... bank account, web site, forums, coporate login stuff etc etc

That is definitely true - god forbid, they'll sign up with a dishonest host that could take advantage of that.

Boris