viewing passwords in 2.21

**WizyWyg** · Sat 1 Dec '01, 11:09pm

Re: viewing passwords in 2.21

Originally posted by slip
sorry if this has been asked before, but i recall previously being able to change something in config.php or something that allowed admins to see users passwords instead of just a blank field.. is there a way to make these viewable again?

thanks,
slip

Sorry, with MD5 encryption, its no longer viewable to anyone (viewable through your Database as it always has been)
I'd also question as to why anyone would need to view the "personal" passwords of their members.

Edit : sorry misread the post, but you can only view the pw's through mysql query (or if you have phpmyadmin or mysqlman) but you wont be able to make them out because they are encrypted.

**tubedogg** · Sun 2 Dec '01, 6:05pm

Follow the link in my sig to my Admin Functions set of scripts which contains a file that will convert normal strings of text into md5 encrypted strings so you can compare them with the passwords in the database.

**CondorZ** · Sun 2 Dec '01, 9:50pm

Re: Re: viewing passwords in 2.21

Originally posted by WizyWyg

I'd also question as to why anyone would need to view the "personal" passwords of their members.

A guy asks a simple question and here comes the ethics and morality lecture yet again.

**Fusion** · Sun 2 Dec '01, 10:02pm

We're suspicious by nature, that's not necessarily a bad thing.

**Black Tiger** · Mon 3 Dec '01, 3:53pm

How many reasons you need for an admin viewing the passwords of his users, especially on a little more private board or a board with private forums on it?

I can name you two for starters. Not all your users are bright, and you want to check if they are not using a too easy password (like login name and pw = same).

The second one is if you know a hell of a lot of your users, and you meet on irc and icq, it's faster for a user to ask you to lookup his password then following the lost password procedure, especially is he/she's busy.

One should first think of reasons that could be valid before being courious.

Curiousity killed the cat.

**WizyWyg** · Mon 3 Dec '01, 4:29pm

Originally posted by Black Tiger
How many reasons you need for an admin viewing the passwords of his users, especially on a little more private board or a board with private forums on it?

I can name you two for starters. Not all your users are bright, and you want to check if they are not using a too easy password (like login name and pw = same).

Then what's it your business to know that? IF they choose to have an "easy" password, that's their business. Let them suffer if something happens to compromise it.

The second one is if you know a hell of a lot of your users, and you meet on irc and icq, it's faster for a user to ask you to lookup his password then following the lost password procedure, especially is he/she's busy.

Oh and this is "bright". Someone on IRc asks for their password to your board. Hmmm.. Dont you see the fallacy in this? Can you really confirm that that person is actually the person with pw?

One should first think of reasons that could be valid before being courious.

Curiousity killed the cat.

Nope, still no valid reasons for knowing your member's pw. One should first think about their "answers" before posting them ^_~

**tubedogg** · Mon 3 Dec '01, 8:16pm

I am ending this here...he did not ask for a lecture, he asked for an answer to his question.

viewing passwords in 2.21

viewing passwords in 2.21

Comment

Comment

Comment

Comment

Comment

Comment

Comment