11-10-2007, 11:36 AM | #1 |
Member
Join Date: Jul 2007
Posts: 36
Thanks: 0 Thanked 6 Times in 3 Posts |
Import/Export bug
Hi Martin,
I tried to use the import/export feature and I found that if I want to register again a provider after import with replace function I need to reenter the authorization password associated with the VSP account, if not the provider will not be registered: To repro this behaviour try the following: * Export providers to a .csv file * Import the same file with replace button * Try to register a previous registered account Regards Paolo |
11-10-2007, 11:38 AM | #2 |
Join Date: Feb 2006
Posts: 2,930
Thanks: 528 Thanked 646 Times in 340 Posts |
This is working as designed. For security reasons we don't not import / export passwords.
__________________
Martin Please post support questions on the forum. Do not send PMs unless requested. |
11-10-2007, 11:51 AM | #3 |
Member
Join Date: Jul 2007
Posts: 36
Thanks: 0 Thanked 6 Times in 3 Posts |
Do you mean that if a password is already stored with a providers the replace function delete it?
I cannot think it woks as designed! Paolo |
11-10-2007, 08:35 PM | #4 | |
Join Date: Feb 2006
Posts: 243
Thanks: 8 Thanked 130 Times in 72 Posts |
Quote:
I am fairly sure that I can make a few changes to support keeping the old password if all the other details match. Watch this thread for more details. -- Craig |
|
11-11-2007, 02:14 AM | #5 |
Join Date: Apr 2006
Posts: 799
Thanks: 66 Thanked 61 Times in 44 Posts |
I would prefer an option to actually export the password even if it isn't the default choice.
|
11-12-2007, 01:42 AM | #6 | |
Join Date: Feb 2006
Posts: 243
Thanks: 8 Thanked 130 Times in 72 Posts |
Quote:
I was thinking that we could perhaps export the encrypted version of the password, but the problem is that when we go to import that value, our member save routine will try to encrypt that the value it is given (which is obviously incorrect in this specific scenario). I will have a look at doing this, but it is an area where security is our number one concern, so if there is any risk I will probably err on the side of caution. -- Craig |
|
11-12-2007, 03:06 AM | #7 |
Join Date: Sep 2006
Location: Toronto, Canada
Posts: 568
Thanks: 70 Thanked 147 Times in 115 Posts |
Perhaps one approach would be to allow the account holder a choice of whether to encrypt the pass words in the first place.
Obviously, if not encrypted the exported password should be the same as the initially entered password. Although I am sure that Voxalot is totally above board when handling VSP account passwords, one has to be realistic and keep things in perspective. It is one thing to have an un-encrypted VoIP account password for a pre-paid account with $10 worth of calling credit. It is a totally different matter when handling the password for Bank online access, which I would never write down or expose to a third party. I personally would prefer the passwords to be readily available for export from my Voxalot VSP list. |
11-12-2007, 07:40 AM | #8 |
Join Date: Apr 2006
Posts: 799
Thanks: 66 Thanked 61 Times in 44 Posts |
If the password is required to be sent to the VSP at the time of call setup, then the password should be able to be decrypted and returned to the user by request. Perhaps it would be better to email the export file as an attachment to the registered email address, rather than as a website download.
|
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Help: Issues with Import/Export Tool | 244751 | Voxalot Support | 2 | 10-12-2007 05:21 AM |
Suggestion: Import/Export dial plan | darrin | Voxalot Support | 7 | 08-02-2007 03:20 PM |