@mattab opened this Issue on September 30th 2014 Owner

The goal of this issue is to create a new config setting that, when set to 1, will prevent Super Users from seeing other users' token_auth.

Steps

  • Introduce new setting
  • When the setting is enabled, the admin page Manage users will only show the first few letters of the token_auth.
  • Add new FAQ to publicise the new useful setting

More secure
This will increase security in some Piwik setups where Super User access is widely shared. In this configuration, it is more secure to prevent Super Users from authenticating as other users and issuing API requests using another user's token_auth.
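As an added illustration (not Piwik's code), the following Python sketch shows the two behaviours the steps above describe: the config flag decides whether the Manage users page renders the full token_auth or only its first few letters, and the API still accepts only the full token, so the displayed value cannot be used to authenticate as that user. The sample user list, the prefix length and the function names are assumptions.

```python
import hmac

# Constructed sample data (not real Piwik users): login -> token_auth.
USERS = {
    "alice": "a3f1c9e7b2d4f6a8c0e1b3d5f7a9c2e4",
    "bob": "0b7e4d2c9a1f8e6d4c2b0a9f8e7d6c5b",
}

VISIBLE_PREFIX = 4  # assumed number of leading letters still shown


def mask_token(token, visible=VISIBLE_PREFIX):
    """Display form of a token_auth: first few letters, rest hidden.

    The hidden part has a fixed length so the page does not leak the
    real token length either.
    """
    return token[:visible] + "*" * 8


def render_manage_users(users, hide_tokens_from_super_user):
    """Rows for the Manage users page under the given config setting."""
    rows = []
    for login, token in users.items():
        shown = mask_token(token) if hide_tokens_from_super_user else token
        rows.append({"login": login, "token_auth": shown})
    return rows


def authenticate(users, login, presented_token):
    """API-side check: only the complete token_auth authenticates."""
    real = users.get(login)
    if real is None:
        return False
    # Constant-time comparison of the full token; a masked display
    # value never matches.
    return hmac.compare_digest(real, presented_token)
```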

@gaumondp commented on September 30th 2014

The more I see features about Super User being less and less "super", the more I think a new level of user would be better...

Super User = Almighty, access via SSH, updates, install plugins
Piwik supervisor = See all sites, can add users and other actions but with limitations from #6346 , #6348 , #6324
Users = as we know them

@mattab commented on September 30th 2014 Owner

@gaumondp Thanks for the suggestion, but I don't think we need a new type of user; it would be less clear maybe. Also, adding a new role now is complicated. I would prefer to have good defaults and, for the few users who want to configure differently, make it easy for them (via config setting).

@mattab commented on December 5th 2016 Owner

Tokens now hidden for all super users in Piwik 3

This Issue was closed on December 5th 2016