Starring out people's passwords.

[Demented]

In the remote admin, I think it'd be a really good idea to have users' accounts starred out when you're editing something on their account. It's just not right being able to see everyone's passwords.

[Kent Briggs]

In the remote admin, I think it'd be a really good idea to have users' accounts starred out when you're editing something on their account. It's just not right being able to see everyone's passwords.

No one but the administrator should have access to the remote admin interface. And the administrator already had access to everything via the server console and the raw account files. That said, I plan to beef up the security in the next major version so only password hashes are stored on the server, not the passwords themselves. I also noticed that CP still hasn't applied the 2.65 security patch. Ignoring that is a very bad idea.

[Demented]

Alex is being lazy, and he did mention you'd mention he didn't update it, lol.

I know it's only the admins who can see it, but I just don't feel right seeing someone's password when I go to edit their chat permissions or text color. In my opinion, not even administrators should be able to see someone's password, but still have the power to edit it.

[Kent Briggs]

I know it's only the admins who can see it, but I just don't feel right seeing someone's password when I go to edit their chat permissions or text color. In my opinion, not even administrators should be able to see someone's password, but still have the power to edit it.

There really should only be 1 administrator (the site owner) and everyone else with moderation powers should have a web interface built for them with the API. It would be used only for performing the tasks that were assigned to them and only show the fields they need to see.