On 6/24/07, Sivakatirswami <[EMAIL PROTECTED]> wrote:
Patrick R. Michaud wrote: > On Wed, Jun 20, 2007 at 09:52:13AM -1000, Sivakatirswami wrote: >> read and edit >> passwords are not displayed... we only see four **** in each field >> where we were expecting to view the actual passwords displayed. > > PmWiki doesn't have the cleartext passwords anywhere -- it > only stores encrypted versions.
I see, hmmm, makes sense, you don't want to open a hole
to hack out passwords as clear text. OK understood, that could be a serious problem. So, you just keep that door shut. So then, obviously, admin is left with the manual task of tracking the passwords for each group and which users have been given those passwords. I would be interested in how other admins do this or if there are any "best practices" recommendations... A simple text file on one's own box? A protected page on the wiki?
Good question -- I'd be interested in hearing what others do, too. I have an Admin wikigroup, which requires an admin password to read. One of its pages contains the following: (:table class=tabtable padding=5px:) (:cell width=40%:) Here's a list of groups on the site (:pagelist fmt=group list=all group=-PmWiki,-Admin,-Site:) (:cell width=60%:) Maintain a manual list here of groups, pages and passwords * '''Site-wide''' admin=admin-levelpassword; read/edit/upload=user-levelpassword * Group [[ExampleGroup1(.HomePage)]] read=firstpasswordexample; read/edit/upload=secondpasswordexample * Page [[ExampleGroup2/ExamplePage]] read= pw1 pw2 pw3; read/edit/upload=pw4 pw5 (:tableend:) I highly doubt this could be considered a "best practice".
_______________________________________________ pmwiki-users mailing list [email protected] http://www.pmichaud.com/mailman/listinfo/pmwiki-users
