If you have a support question or comment, click the Post New Topic link below.
Current Version: 3.9.5 | Sytist Manual | Sytist Articles 

Admin Login Passwords Attempted Are Visible To Any User

 
Please log in or Create an account to post or reply to topics.
 
Michael Leenheer
413 posts
Wed May 19, 21
2:57 PM
Something a bit concerning that I just came across:

/sy-admin/index.php?do=admins&view=logins&failed=1#page=thumbs

If you go to the ADMINS > Log in Log > Failed Logins, you can see all the failed passwords the other admins used when trying to login. Unfortunately those are all legit 'real' passwords for the admin -- they are perhaps just trying to sign in with an email instead of their username or something of that nature, but having those all visible is a concern.

My own 'failed' passwords were real ones used elsewhere and they've now been seen by a few employees. I trust them but I also don't want this. Can you add security to hide those? Passwords shouldn't be visible (or even stored) as plain text for others to view...

Please.
 
 
 
 
 
Michael Leenheer | New Light Photography - SUB Photo
Tim - PicturesPro.com
13572 posts
admin
Thu May 20, 21
3:58 AM
Ok. I will note it.
 
 
 
 
 
Tim Grissett, DIA - PicturesPro.com || My Email Address: info@picturespro.com
Loading more pages
Loading more pages

Sign up for email promotions.

Your information is safe with us and won't be shared.

Thank you for signing up!

 
©2003 - 2021 Grissett, LLC. All Rights Reserved.

By continuing to browse or by clicking Accept Cookies, you agree to the storing of cookies on your device necessary to provide you with the services available through our website.

    Accept   Privacy & Cookie Policy
Loading More Photos
Scroll To Top
Close Window
Loading
Close