I’m voting for a Password Reset functionality to be added to the Cloud and Server edition of Manager.
Also in the interim, can the reference email for password change be made editable to something an Administrator can determine. Se my screenshot below.
Requesting to users to contact support@manager.io can be really confusing since they cant get any help from there.
It looks like you grabbed that screenshot from Cloud Edition, so it already exists there. However, it doesn’t seem to exist on Server Edition yet, and I definitely agree that it would be useful to have.
From what I’ve seen recently in the forums, this is a planned change for the ‘Support’ tab (when it eventually gets added back into Cloud/Server Edition). It makes sense that it should be reflected on the login page as well.
The ‘About’ tab was removed from the Cloud/Server Editions recently.
Thanks,
You are partially right, the reset password exist on Cloud Edition but only for Administrators, restricted users cant reset their passwords. They still have to contact the Administrator.
And that is where the second problem arise, a restricted user who does not read the screen instructions but seeing a Reset Password field input his email address will be directed to the page in my earlier screenshot.
I suspect the reasoning behind the choice to only allow administrators to reset passwords, is to enforce locking out users. At the moment, there is no concept of an inactive user, so if you need to block someone’s access temporarily without doing something as drastic as deleting them or changing permissions, the easiest way is to override their password.
This of course is only my assumption.
IS this something your team is working on already.
See his comment on this topic here:
The main issue with reset password functionality is that Manager doesn’t insist usernames being email addresses. This is probably mistake. I think users will have to log in using their email addresses and when they forget password, they will be able to reset it using their email address.
As for server edition, to reset administrator password, you will need to delete file named password from your Application Data path. Then you will be able to log in as administrator without password. Of course, it’s important to set new password as soon as you log in.
Perhaps add another field to the user - for email address? This way, people can enter their username and have it send the password reset email to them based on what’s entered into the new field.
Or if that field was left empty, a “please contact your Administrator” message could appear - stating that no email address is available for their account.
I don’t think it particularly matters either way (new field, or enforcing email address in username field) … just stating another option to consider.
This will be a very workable option that is viable, or does someone else have another opinion.
I’ve checked and can confirm currently, Manager accepts using email addresses as usernames, so the next step is to enable Password reset on the usernames. For existing users with non-email address, the Administrator can easily effect changes to the usernames.
Hope to see this in current release soon
Hello,
Please is there any update on this. knowing that someone can mistakenly enter an email not registered on the database and see the above support@manager.io. Copying manager.io defeats the custom domain purpose and may lead to integrity issue on ownership of the software. Please what options are available to me because i dont want any of my clients to see this.
Regards
Unsure if this assists - posted in another topic:
“Server edition has no branding. For example, Support tab can be removed from server edition by deleting Support.html from installation directory. Or you can replace the content of html file with your own and have your content under Support tab.”
@ekene2004, your question is not clear at all. This topic was about password reset functionality. You are asking about people entering unregistered emails, though you don’t explain just where you are concerned about this happening. Then you switch to comments about custom domains and ownership integrity, expressing fears about what your clients see.
Just what is your question? Please be specific.