Author Topic: Users can login using root's password!  (Read 7622 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
Users can login using root's password!
« on: January 11, 2021, 07:28:30 PM »
Hi,
today in a fresh installation I created the first user, with its username and its password.
The I went to the user web panel and (for mistake) I use the user's username and root's password, then .... I got correctly logged in!
I tried to replicate the behavior on a new installation, and I got the same problem.
User can successfully login both with its own password and root's password as well... how can it be??

Re: Users can login using root's password!
« Reply #1 on: January 11, 2021, 11:41:09 PM »
That's perfectly fine and how things should be!
Why do you see a problem - unless you're gonna tell all your users the root password?
Jeez!

(Does facebook/instagram allow you to search for cheap Windoze shared hosting?)
« Last Edit: January 11, 2021, 11:43:35 PM by cynique »

Offline
*
Re: Users can login using root's password!
« Reply #2 on: January 21, 2021, 08:20:44 AM »
That's fine.
Maybe this is wanted to allow admin to log in and see users' side without asking them their password?

Re: Users can login using root's password!
« Reply #3 on: January 21, 2021, 11:37:04 AM »
That's fine.
Maybe this is wanted to allow admin to log in and see users' side without asking them their password?
Ta Da! The penny has dropped. (Took long enough.)  :P

Offline
*
VPS & Dedicated server provider with included FREE Managed support for CWP.
http://www.studio4host.com/

*** Don't allow that your server or website is down, choose hosting provider with included expert managed support for your CWP.

Offline
**
Re: Users can login using root's password!
« Reply #5 on: March 16, 2021, 08:12:18 AM »
This is how it should work, and this method works as long as the User don't enabled the 2FA Authentication.

If the User has 2FA enabled you can still login but using the direkt link in the Admin Panel under Accounts, even if 2FA is enabled.