I’m trying to disable plaintext passwords for existing Virtualmin accounts; I’ve made the changes to the templates but it seems only new sites are set up with hashing enabled.
I’ve tried various backup / recovery options but it seems it’s pretty much impossible to fix this.
Am I overlooking something here?
As an admin I’d rather not have access to my customers’ passwords
Now that you’ve changed the templates, what happens if you use Virtualmin to change the Virtual Server’s password… does that cause it to begin using the hashed passwords?
I’ve gone back and verified all the templates are set to use hashed passwords and changed the password for the admin user under “Edit virtual server”, but still no hashed password.
Creating a new server works fine, restoring one from backups also doesn’t use hashed passwords (even if I tell it not to set the admin password from the backup)
Thank you for helping though