Tweet
Password Log
Here it is, at long last.
I've searched these forums and there seems to be interest so I went ahead and did it.
Introducing the Password Log.
Part of the 1984 series.
Before going any further, I have no intention of attaching the hack to this thread.
When vBulletin.org accepts vB3 hacks I will submit there.
O.K. Now for some info.
The password log records UNENCRYPTED passwords on registration and password change.
This is a one time operation. md5 hashes and salts are generated as normal.
Login is unaffected and uses the md5 and salt system.
The password log was created to allow board owners the ability to do two things:-
1) Find multiple accounts operated by troublesome users by comparing passwords.
2) Temporarily gain access to a user's account without changing their password.
The log runs in the admin control panel with fully integrated help provided.
View and prune access is restricted by userid in config.php
Also in config.php there is a master toggle enabling / disabling all logging as well as a limiter preventing the logging of users with admin or mod powers and the option to choose your own name for the password log table in the db.
This is still a beta hack for a beta board so please don't ask for a download at present.
I have no idea what impact changes to vB during beta and RC will have on it.
I am currently working on a few enhancements such as IP cross referencing, which should be done very soon.
Here are some screen shots of the current version.
The screen in the control panel where you select how you wish to view / prune your logs
A sample log.
Admin help.
Opinions?
I've searched these forums and there seems to be interest so I went ahead and did it.
Introducing the Password Log.
Part of the 1984 series.
Before going any further, I have no intention of attaching the hack to this thread.
When vBulletin.org accepts vB3 hacks I will submit there.
O.K. Now for some info.
The password log records UNENCRYPTED passwords on registration and password change.
This is a one time operation. md5 hashes and salts are generated as normal.
Login is unaffected and uses the md5 and salt system.
The password log was created to allow board owners the ability to do two things:-
1) Find multiple accounts operated by troublesome users by comparing passwords.
2) Temporarily gain access to a user's account without changing their password.
The log runs in the admin control panel with fully integrated help provided.
View and prune access is restricted by userid in config.php
Also in config.php there is a master toggle enabling / disabling all logging as well as a limiter preventing the logging of users with admin or mod powers and the option to choose your own name for the password log table in the db.
This is still a beta hack for a beta board so please don't ask for a download at present.
I have no idea what impact changes to vB during beta and RC will have on it.
I am currently working on a few enhancements such as IP cross referencing, which should be done very soon.
Here are some screen shots of the current version.
The screen in the control panel where you select how you wish to view / prune your logs
A sample log.
Admin help.
Opinions?
Comment