zebo51 22 Posted January 6, 2015 Posted January 6, 2015 I have seen posts refering to disabling local passwords, but I can't find where that option is. Running Version 3.0.5464.40000. My end result is when accessing on my local network to not require passwords, then when accessing from the outside require one. Right now I have one account which has admin control. I cleared the password so I don't need to log in each time internally. I would like any account accessing externally to require a password and possibly only have read access. Thanks
Solution Scott84Z28 39 Posted January 6, 2015 Solution Posted January 6, 2015 In the servers web console, click on Users, then click the user in question. Then click on Password, and click Configure Password. This opens a new tab where you can configure the password, then lower on this page click Local Access. Here is where you can say that this account doesn't need a password when accessing via the local network. 1
bigjohn 753 Posted January 6, 2015 Posted January 6, 2015 I can't be 100% certain about all of this applying to that version, but on version 3.0.5482.1 I think the ability to choose Local Password not required is only available on an account-by-account basis, and also only shown as an option when the account has a password set. In the dashboard, choose Users pick a user go to Password > Configure Password If no password, set a password you should then see the Local Access section at the bottom of the user profile
zebo51 22 Posted January 6, 2015 Author Posted January 6, 2015 Fabulous, I was looking there and even set a password once but I guess I didn't scroll down far enough to see "Local" and expand it. Now just need https support, doesn't matter how long or complex your password is, still clear text . Thanks
ebr 16185 Posted January 6, 2015 Posted January 6, 2015 Now just need https support, doesn't matter how long or complex your password is, still clear text . No it isn't. We never send passwords in clear text.
zebo51 22 Posted January 6, 2015 Author Posted January 6, 2015 No it isn't. We never send passwords in clear text. So how is it encrypting it if I access via a standard web browser?
bigjohn 753 Posted January 6, 2015 Posted January 6, 2015 So how is it encrypting it if I access via a standard web browser? Passwords are always hashed before they are sent from any of our clients. 1
floodi 1 Posted January 22, 2015 Posted January 22, 2015 It's not a proper encryption if I understand correctly. If I can sniff the hash, then I can use that account the has belongs. Encryption needs support from both the client and the server. That's why https is required. With it I cannot steal the hash anymore. And it looks like MB now supports https [emoji2]
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now