1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

Possible to get cleartext password?

Discussion in 'Plesk 11.x for Linux' started by FarhanT, Sep 6, 2012.

  1. FarhanT

    FarhanT New Pleskian

    10
     
    Joined:
    Sep 6, 2012
    Messages:
    3
    Likes Received:
    0
    I have hosting service hosted on more than 20+ Plesk servers, version 11.
    As in the previous versions, the passwords were not encrypted, then if i had to design some tools to manage the hosting accounts, i just picked up the cleartext passwords from the Database. but as now the passwords are encrypted, is there any way i can decrypt the passwords? through API or any other way so that i can integrate my php based hosting management with plesk 11?

    Thanks
    Farhan
     
  2. Christian_S

    Christian_S Basic Pleskian

    17
    35%
    Joined:
    Nov 8, 2010
    Messages:
    35
    Likes Received:
    0
    Last edited: Sep 6, 2012
  3. FarhanT

    FarhanT New Pleskian

    10
     
    Joined:
    Sep 6, 2012
    Messages:
    3
    Likes Received:
    0
    i cannot see any option to disable enhanced mode
     
  4. Christian_S

    Christian_S Basic Pleskian

    17
    35%
    Joined:
    Nov 8, 2010
    Messages:
    35
    Likes Received:
    0
    In the PSA mysql database look at misc table secure_passwords param.
    Try setting it to false. I haven't tried it and don't know how a change will effect customers/domains/mail accounts already on the server.

    See: http://forum.parallels.com/pda/index.php/t-260584.html
     
  5. Sergey L

    Sergey L Golden Pleskian Staff Member

    32
    43%
    Joined:
    Aug 10, 2006
    Messages:
    1,195
    Likes Received:
    30
    Existing passwords will stay encrypted even if the enhanced mode is disabled with this hack. It is recommended to change your API integration to Secret Keys. This way knowing password should be unnecessary.
     
  6. FarhanT

    FarhanT New Pleskian

    10
     
    Joined:
    Sep 6, 2012
    Messages:
    3
    Likes Received:
    0
    @Sergey

    Thanks for the information.
    But i need to know that is it possible that i can manage the passwords through APIs? are there such APIs available?

    Also, is there any possible way i can disable Enhance Security Mode?

    I actually want to get the password for accounts in cleartext, so that i can use that password in my own PHP based plesk management tools.

    What is the purpose of Secret keys, and how they can be helpful for me in my requirement?

    Thanks
     
  7. abdi

    abdi Platinum Pleskian

    31
    18%
    Joined:
    May 14, 2006
    Messages:
    2,913
    Likes Received:
    60
    Farhan, if you already enabled enhanced mode then its already too late for you to ever again use clear text passwords. Even if you were able to disable enhanced mode still the passwords will stay encrypted!

    Only a re-installation is the only way to revert back to clear text passwords AND only to new domains or data. BUT all previous data still stays with encrypted passwords.
     
Loading...