Important Notice from AspDotNetStorefront
It is with dismay that we report that we have been forced, through the action of hackers, to shut off write-access to this forum. We are keen to leave the wealth of material available to you for research. We have opened a new forum from which our community of users can seek help, support and advice from us and from each other. To post a new question to our community, please visit: http://forums.vortx.com
Results 1 to 4 of 4

Thread: WSI TOKEN- Reset Password

  1. #1
    allstar is offline Member
    Join Date
    Apr 2009
    Posts
    90

    Default WSI TOKEN- Reset Password

    I want to get an idea of how users are handling the issue of resetting the password when the super admin account is expired. Keep in mind that I want to stay compliant. I did find an article stating the AdminPwdChangeDays can be change. However, I found a post stating to stay compliant the value cannot be more than 30 days.

    Possible solution?
    Is there a way where I can programmatically reset the password? Lets say, check the password changed date for the WSI Super Admin account. The day before the reset date, I can programmatically by WSI update the password for the super admin account. Therefore, I will not have to update again until the next 30 days...
    ...AllStar

  2. #2
    Rob is offline Senior Member
    Join Date
    Aug 2004
    Posts
    3,037

    Default

    You could create another super-admin account, used only by WSI, with a much longer timeout expiration on pwd...that way, WSI programmatically can continue, with normal PABP/PA-DSS requirements on "human" admins intact.
    AspDotNetStorefront
    Shopping Cart

  3. #3
    allstar is offline Member
    Join Date
    Apr 2009
    Posts
    90

    Default

    So your saying I can change AdminPwdChangeDays in the appconfig to be more than 30 days? According to one of the ADNSF staff, setting the value to more than 30 days is a PCI violation and it's not recommended (see this link: http://forums.aspdotnetstorefront.co...nPwdChangeDays). Please explain...
    ...AllStar

  4. #4
    ASPAlfred is offline Senior Member
    Join Date
    Nov 2007
    Posts
    2,244

    Default

    That is the point of providing you the appconfig: AdminPwdChangeDays parameter so you can change it with your own preference. Though PABP recommendation is 30 days.