Jump to content

First welcome email email - too much unsecured info


moonmosaic

Recommended Posts

Hi,

 

One of my customers complained that the email he got after he registered had his email address and his password. How could I get password being sent in a format like credit card infos; I.E

password: beautiful123

sent password in email bxxxxxxxxxx3

Any suggestions?

 

Thanks

 

PS: I found in the backoffice that I can edit email under "translation"

 

E-mail address: {email}

Password: {passwd}

 

So to eliminate password being sent all together I can delete the last entry. Is this correct?

Link to comment
Share on other sites

Hi,

 

One of my customers complained that the email he got after he registered had his email address and his password. How could I get password being sent in a format like credit card infos; I.E

password: beautiful123

sent password in email bxxxxxxxxxx3

Any suggestions?

 

Thanks

 

PS: I found in the backoffice that I can edit email under "translation"

 

E-mail address: {email}

Password: {passwd}

 

So to eliminate password being sent all together I can delete the last entry. Is this correct?

 

Yes, to prevent passwords from being sent, just delete the "Password: {passwd}" entry from the email translations. Don't forget to do it for any other languages on your shop!

 

I hope this helps.

 

-Mike

Link to comment
Share on other sites

  • 2 weeks later...

hi mike, how are you? :)

listen... i have problems with some customers, sometimes i must be more sure about their identity 'cause my bank warns me about suspects.

So, first of all... how to authenticate the customer email? Instead of sending the username and the password, is it possible at first to send a link to authenticate the email, so (at least) i'm sure that the customer uses that particular email and it's not an invented and unused mail?

Why this method is not a prestashop standard?

Link to comment
Share on other sites

  • 4 weeks later...

hi mike, how are you? :)

listen... i have problems with some customers, sometimes i must be more sure about their identity 'cause my bank warns me about suspects.

So, first of all... how to authenticate the customer email? Instead of sending the username and the password, is it possible at first to send a link to authenticate the email, so (at least) i'm sure that the customer uses that particular email and it's not an invented and unused mail?

Why this method is not a prestashop standard?

 

I think you can set this up in the backoffice. It's called customer email verification. I have this disabled/uninstalled because I am only selling flowers and nothing 3rd party so too much work for my potential customers. However if they register the email should be more secure. I have so far deleted the "password" part of the message which can easily be done in the backoffice under translation.

However, I am now looking into using facebook, twitter and google logins so that I have to worry even less about customers registering.

I hope this helps.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...