Click Here To Visit SIP Broker  

Go Back   Voxalot / SIP Broker Support Forums > Voxalot Forums > Voxalot Support

Voxalot Support Support for the Voxalot service.

 
 
Reply
Thread Tools Display Modes
Unread 11-10-2007, 11:36 AM   #1
loraolo
Member
 
Join Date: Jul 2007
Posts: 36
Thanks: 0
Thanked 6 Times in 3 Posts
loraolo is on a distinguished road
Default Import/Export bug

Hi Martin,

I tried to use the import/export feature and I found that if I want to register again a provider after import with replace function I need to reenter the authorization password associated with the VSP account, if not the provider will not be registered:

To repro this behaviour try the following:

* Export providers to a .csv file
* Import the same file with replace button
* Try to register a previous registered account

Regards
Paolo
loraolo is offline   Reply With Quote
Unread 11-10-2007, 11:38 AM   #2
martin
 
Join Date: Feb 2006
Posts: 2,930
Thanks: 528
Thanked 646 Times in 340 Posts
martin is a jewel in the roughmartin is a jewel in the roughmartin is a jewel in the roughmartin is a jewel in the roughmartin is a jewel in the roughmartin is a jewel in the rough
Default

This is working as designed. For security reasons we don't not import / export passwords.
__________________
Martin

Please post support questions on the forum. Do not send PMs unless requested.
martin is offline   Reply With Quote
Unread 11-10-2007, 11:51 AM   #3
loraolo
Member
 
Join Date: Jul 2007
Posts: 36
Thanks: 0
Thanked 6 Times in 3 Posts
loraolo is on a distinguished road
Default

Do you mean that if a password is already stored with a providers the replace function delete it?

I cannot think it woks as designed!

Paolo
loraolo is offline   Reply With Quote
Unread 11-10-2007, 08:35 PM   #4
craig
 
Join Date: Feb 2006
Posts: 243
Thanks: 8
Thanked 130 Times in 72 Posts
craig is a jewel in the roughcraig is a jewel in the roughcraig is a jewel in the rough
Default

Quote:
Originally Posted by loraolo View Post
Do you mean that if a password is already stored with a providers the replace function delete it?

I cannot think it woks as designed!
Martin is correct... it is working as designed. However, you do raise a good point. If you import and replace everything, then it can become quite tedious if you have to re-enter all the passwords.

I am fairly sure that I can make a few changes to support keeping the old password if all the other details match. Watch this thread for more details.

--
Craig
craig is offline   Reply With Quote
Unread 11-11-2007, 02:14 AM   #5
affinity
 
Join Date: Apr 2006
Posts: 799
Thanks: 66
Thanked 61 Times in 44 Posts
affinity will become famous soon enough
Default

I would prefer an option to actually export the password even if it isn't the default choice.
affinity is offline   Reply With Quote
Unread 11-12-2007, 01:42 AM   #6
craig
 
Join Date: Feb 2006
Posts: 243
Thanks: 8
Thanked 130 Times in 72 Posts
craig is a jewel in the roughcraig is a jewel in the roughcraig is a jewel in the rough
Default

Quote:
Originally Posted by affinity View Post
I would prefer an option to actually export the password even if it isn't the default choice.
That is also a good suggestion, but unfortunately there are a couple of technical challenges in developing it. For everyone's security, we store your providers' password using a one-way encryption algorithm in the database... so we aren't able to actually get the original password back to export it.

I was thinking that we could perhaps export the encrypted version of the password, but the problem is that when we go to import that value, our member save routine will try to encrypt that the value it is given (which is obviously incorrect in this specific scenario).

I will have a look at doing this, but it is an area where security is our number one concern, so if there is any risk I will probably err on the side of caution.

--
Craig
craig is offline   Reply With Quote
Unread 11-12-2007, 03:06 AM   #7
kurun
 
Join Date: Sep 2006
Location: Toronto, Canada
Posts: 568
Thanks: 70
Thanked 147 Times in 115 Posts
kurun is a jewel in the roughkurun is a jewel in the rough
Default

Perhaps one approach would be to allow the account holder a choice of whether to encrypt the pass words in the first place.
Obviously, if not encrypted the exported password should be the same as the initially entered password.

Although I am sure that Voxalot is totally above board when handling VSP account passwords, one has to be realistic and keep things in perspective. It is one thing to have an un-encrypted VoIP account password for a pre-paid account with $10 worth of calling credit. It is a totally different matter when handling the password for Bank online access, which I would never write down or expose to a third party.

I personally would prefer the passwords to be readily available for export from my Voxalot VSP list.
kurun is offline   Reply With Quote
Unread 11-12-2007, 07:40 AM   #8
affinity
 
Join Date: Apr 2006
Posts: 799
Thanks: 66
Thanked 61 Times in 44 Posts
affinity will become famous soon enough
Default

If the password is required to be sent to the VSP at the time of call setup, then the password should be able to be decrypted and returned to the user by request. Perhaps it would be better to email the export file as an attachment to the registered email address, rather than as a website download.
affinity is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Help: Issues with Import/Export Tool 244751 Voxalot Support 2 10-12-2007 05:21 AM
Suggestion: Import/Export dial plan darrin Voxalot Support 7 08-02-2007 03:20 PM


All times are GMT. The time now is 05:56 PM.


Powered by vBulletin® Version 3.7.2
Copyright ©2000 - 2023, Jelsoft Enterprises Ltd.