Web Hosting Talk
ModernBill security flaw


gardanni
04-13-2005, 02:33 PM
I discovered a significant security vulnerability in Modernbill. Client account passwords are available to all levels of admin users in plain-text. This means that if an admin account gets hacked or if an employee gets disgruntled, passwords from all accounts can be collected and subject to a wide range of fraud activities. This also means that, considering that many people use the same passwords repeatedly, that people whose passwords are exposed are vulnerable to fraud in other areas as well.

Do similar vulnerabilities exist with other billing software?

Plexi_Hosting
04-13-2005, 03:07 PM
Did you report it to them before posting on a related industry forum? I mean, you know people are going to be PMing you looking for how to do this. Perhaps that was the intent? Either way, I hope you reported it to them in great detail so it can be fixed.

gardanni
04-13-2005, 03:11 PM
I posted this to ModernBill and did not get a response from them. I think that (a) someone might recommend software without this problem, (b) the company might respond to the problem if more people are bothered by it, (c) maybe someone has a way to work around the problem.

Aussie Bob
04-13-2005, 05:30 PM
Originally posted by gardanni
. . . Do similar vulnerabilities exist with other billing software?
Vulnerabilities exist in almost all software. It's just a matter of finding and patching those, on the fly etc.

I do hope MB take your claim seriously though. :eek2:

VanHost
04-13-2005, 06:03 PM
As for all levels of admins being able to see the passwords, this must be new. It would only be for admin levels that have permission to view client details, no?

While I agree that admins shouldn't need to know most passwords on the fly, shouldn't the focus be on hiring trustworthy admins who use appropriate password syntax?

whatever
04-13-2005, 06:04 PM
if an employee gets disgruntled
Hire employees who you trust and who will sign Non-Disclosure Agreements.

Specks
04-13-2005, 06:16 PM
There are two camps as far as passwords are concerned. The first is that passwords should be encrypted and the backend program should handle the recovery if the password is lost. The second are those who believe that it is a great service to the customer to tell them what their last password was, and to do that it needs to be in plain text. I prefer the first. However, the only time I would see this as a threat is if there is a vulnerability in MB that would allow a customer to promote their login to administrator. I would think that MB would react quickly to a critical vulnerability like that.

joephill
04-13-2005, 06:20 PM
This has been in ModernBill for a lot of versions; it is not a security flaw, it is just a feature.

gardanni
04-13-2005, 06:34 PM
Of course I want to hire "trustworthy admins". Who doesn't seek to hire trustworthy people? There is no objective measure of trustworthiness, and until there is, it is a security flaw to needlessly put passwords at risk.

Besides, we expect to be in business for a long time and, as with any business, expect a fair amount of growth and turnover. Even if the risk of a dishonest employee is tiny, that risk will grow over time as we open ourselves to working with more people.

WO-Jacob
04-14-2005, 12:25 AM
Well, if you think plaintext passwords are a problem, you probably HATE the 'Log in as John Doe' link that's right on the client view page, no? ;)

gardanni
04-14-2005, 06:37 AM
Originally posted by WebOnce
Well, if you think plaintext passwords are a problem, you probably HATE the 'Log in as John Doe' link that's right on the client view page, no? ;)
No, an admin certainly needs to be able to log into client accounts. They just should not have access to client passwords.
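An added illustration, not ModernBill's code or anything posted in this thread, of the first camp Specks describes and of how a "log in as" link can work without anyone seeing the password: the store keeps only salted PBKDF2 hashes, lost passwords are handled with a short-lived reset token (itself stored hashed), and an admin impersonation session is issued by account name alone. The AccountStore class, its method names and the PBKDF2 parameters are assumptions of this example.

```python
import hashlib, hmac, os, secrets, time

ITERATIONS = 200_000  # PBKDF2 work factor; assumed value, tune to your hardware

class AccountStore:
    """Hypothetical store: keeps salted hashes only, so no admin page can list passwords."""
    def __init__(self):
        self.accounts = {}       # username -> {"salt": bytes, "hash": bytes}
        self.reset_tokens = {}   # sha256(token) -> (username, expiry epoch seconds)

    @staticmethod
    def _derive(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

    def create(self, username, password):
        salt = os.urandom(16)  # per-account salt defeats precomputed tables
        self.accounts[username] = {"salt": salt, "hash": self._derive(password, salt)}

    def verify(self, username, password):
        rec = self.accounts.get(username)
        if rec is None:
            return False
        # constant-time compare of the stored hash with a fresh derivation
        return hmac.compare_digest(rec["hash"], self._derive(password, rec["salt"]))

    def issue_reset_token(self, username, ttl=900):
        # Recovery replaces "tell the customer their old password": the raw token
        # is delivered out of band and only its hash is kept server-side.
        token = secrets.token_urlsafe(32)
        key = hashlib.sha256(token.encode()).digest()
        self.reset_tokens[key] = (username, time.time() + ttl)
        return token

    def redeem_reset_token(self, token, new_password):
        key = hashlib.sha256(token.encode()).digest()
        entry = self.reset_tokens.pop(key, None)  # single use
        if entry is None or entry[1] < time.time():
            return False
        self.create(entry[0], new_password)  # re-salt and re-hash
        return True

    def admin_login_as(self, admin, username):
        # "Log in as John Doe" needs no password: issue a session bound to the
        # target account and record which admin is acting, for the audit trail.
        if username not in self.accounts:
            return None
        return {"user": username, "acting_admin": admin, "session": secrets.token_hex(16)}
```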

gardanni
04-19-2005, 09:54 AM
Do people here know which billing systems have better security in this respect?