#16191 – Username in ATS

Posted in ‘Akeeba Ticket System’
This is a public ticket. Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.
Sunday, 26 May 2013 15:20 CDT
sScheidler
Hello Nicholas,

can you change the Username in "normal" Name in ATS?
It's a security-problem: the hackers have ~50% for authentication for Joomla!-Login
(in the gravatar(?)-section in tickets-view!

Or is an parameter available?

regards,
sven
 
Sunday, 26 May 2013 16:14 CDT
nicholas
If you print out the username a web visitor only knows the username – which isn't all that hard to find out anyway. Minor security issue.

If you print out the real name a web visitor now knows the real name of your user. Minor privacy issue.

If you print out the user ID a web visitor knows the user ID. Medium security issue.

The most secure approach is to never show a username, real name, photo, user ID, anything. Of course that's outright impractical because neither the manager knows who says what, nor the user knows who answers to his requests.

So, no, this is the kind of feature request I am not willing to implement.


Nicholas K. Dionysopoulos

Lead Developer and Director



🇬🇷Greek: native

🇬🇧English: excellent

🇫🇷French: basic



Please keep in mind my timezone and cultural differences when reading my replies. Thank you!



This ticket is closed, therefore read-only. You can no longer reply to it. If you need to provide more information, please open a new ticket and mention this ticket's number.

Support Information

Working hours: Typically we work Monday to Friday, 9am to 7pm Cyprus timezone (EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets, but we cannot respond to them, outside of our working hours.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!