mattlandis Posted October 27, 2010 Report Share Posted October 27, 2010 Hello, I'm curious if there is a way to say such and such an extension changed one of there pw's to a simple password? I'm not sure how to implement but i would be nice to be able to know some user didn't change password to simple password. any thots? matt Quote Link to comment Share on other sites More sharing options...
Vodia PBX Posted October 27, 2010 Report Share Posted October 27, 2010 In the latest, we actually changed a few things regarding passwords due to the obvious problems with default passwords. When the PBX takes the default configuration, the default passwords for extensions (also PIN) and domain provisioning are just "*". That means the PBX will generate automatically some random passwords for these extensions (12 alphanumeric or so), so that someone from outside will have a real hard time guessing them. You can still do PnP and the PBX will provision the passwords fine (depending on the MAC trust level and the client certificate that the device presents). The only open door is still the admin password. But somehow you have to log in the first time! If admins don't change that password then I also dont know. I think when you try to save global settings (which also contains the admin password) by default the JavaScript will complain about the empty admin password, so you have the chance to change that as well. We added a warning symbol in the account page that lights up when the account has no password set. But it is not as critical as before, as the PBX does not accept registrations without passwords any more (another change we did a few months ago). The biggest security risk as users that don't like to use good passwords, that remains the core problem. Quote Link to comment Share on other sites More sharing options...
mattlandis Posted October 27, 2010 Author Report Share Posted October 27, 2010 suggestion: in the account list have some red notice. when you hold mouse over it or click it tells which is the offending password. idea Matt Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.