Here's the situation - I'm running (Keeping alive at this point, to be precise) a base whose original owner disappeared around 1.5-2 years ago. All that time I'm running with a second level password.
So, I've received a proposal to give other person access to the base in exchange for the help in supplying it. Problem is, secondary level passwords can see and delete other secondary level passwords, which obviously makes me feel insecured and paranoid in this case.
Hence, I'm asking server administration to provide myself with a Master password for the base. I guess it can be easily checked in server logs when was the last time when the master password was used (I can tell you it was back in 2012, most likely), and that I was the only person using the secondary level password for the last year+. I'm also the only person having access to secondary level passwords of that base, as well.
I'll forward the base name, my previous IP (it got changed a pair of months ago), and other necessary information that will be required to confirm my words in PM.
If you have the secondary password to a PoB you essentially have the keys, and you can use the secondary password to login and delete/add other passwords as you see fit. Regardless of master/secondary level, once they have the password to log in they pretty much have free range on the entire base. My advice would be to use caution with who you're giving the login password to.
P.S.--
You could just schedule the supply deliveries for a regular time and not give them the password, for example daily at 3pm or something?
(05-30-2014, 09:42 PM)dirmaster0 Wrote: If you have the secondary password to a PoB you essentially have the keys, and you can use the secondary password to login and delete/add other passwords as you see fit. Regardless of master/secondary level, once they have the password to log in they pretty much have free range on the entire base. My advice would be to use caution with who you're giving the login password to.
I'm aware of that, as I've described all of that in my original post.