Jump to content

Recommended Posts

Posted

I'm at version 64.0.3 (Debian64) and the welcome email doesn't include the password. All I see is the domain and a message asking me to change the password and PIN

Posted

Generally speaking, passwords should be (and mostly are) write-only parameters. It can be a problem if passwords leak out, especially by email; that is why we took the passwords out of the welcome emails. So you would have to set the password as admin and then have a way to pass it to the user - preferably not with an email 

Posted

Given that almost all my customers use hosted services asking them to distribute passwords and/or QR codes via paper, or another non email method is a non starter. If I suggested it to them, which I haven't I'd simply be laughed at especially as I have over 600 3CX hosted PBX systems I was looking to migrate to Vodia over the next 12 months or so

Posted

Paper makes sense in some environments, e.g. teachers that get paper everyday anyway. But I agree, in other environments it is not practical at all. But there are other ways as well - first of all the goal should be that you don't have to distribute any passwords at all. If customers use Google email addresses, then you can use them for logging in without a password at all. This is also possible with Facebook accounts, LinkedIn accounts and also (though not very popular) with Office 365 accounts. Our feeling is that we should do Office 365 next. 

As for the QR codes, I am not even sure if it would be okay to send the images in emails. It might be unreadable for humans, but for robots QR codes are very easy to read. Maybe we'll leave this decision to the admins - a trade off between security and practicality. 

Posted

As my customers are corporate none of them use google email nor do they use facebook to login. If I choose to use email to distribute QR and/or passwords it entails additional work our end to extract these, compose emails and send them. 

We always use encrypted email with customers when sending any account credentials anyway

Posted

Second thoughts. When we send the QR code to the user cell phone inbox, it is useless unless that user takes a photo from the mirror! There must be an easier way where we can send the link to the play store that includes the credentials. If the user's email is the gmail account we can use that for authenticating the user. 

  • 3 weeks later...
Posted

QR codes won't help a user log into their web app from their desktop either, which my users want to do. I don't want to be manually setting every web password and then manually notifying the user - instead I would like to be able to choose if we send web password in email.

FWIW I have customised the domain email_welcome.htm to get this working again for my domain.

<p class="cText">To get to your web portal log into <strong><a href="https://{ssi htmvar domain}">{ssi htmvar domain}</a></strong> as <strong>{ssi htmvar extension}</strong> and your web password is <strong>{ssi htmvar password}</strong></p>

 

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...