08-03-2010, 02:27 PM
(This post was last modified: 08-03-2010, 02:29 PM by Dean Roddey.)
One big advantage of our own security is that we can (and do now) support non-Windows clients. We couldn't do that if we depended on Windows login as proof of access.
The setting of the password when resetting an account is just something I need to the time to do. It's pretty piddly in the larger scheme of things so it's not been done yet. But it will get done.
Security is pretty fundamentally ingrained in the whole product, so it's not going to go away or become optional. Doing anything that would change the system requires a secuirty token, else the product couldn't be secure. And if just passing some parameter or setting some flag would turn it off, the security would be worth nothing since any hacker could do that with a client, pull up to your house with a tablet, connect, and change your system.
It's easy enough to use environmentally based login info, or command line if you want, it works either way.
The setting of the password when resetting an account is just something I need to the time to do. It's pretty piddly in the larger scheme of things so it's not been done yet. But it will get done.
Security is pretty fundamentally ingrained in the whole product, so it's not going to go away or become optional. Doing anything that would change the system requires a secuirty token, else the product couldn't be secure. And if just passing some parameter or setting some flag would turn it off, the security would be worth nothing since any hacker could do that with a client, pull up to your house with a tablet, connect, and change your system.
It's easy enough to use environmentally based login info, or command line if you want, it works either way.
Dean Roddey
Explorans limites defectum
Explorans limites defectum
