Warning | |
---|---|
THIS IS NOT A SECURITY FEATURE. THE MAIN PASSWORD IS STORED UNENCRYPTED IN THE SITE'S DATABASE. This is meant as a safeguard against a less technical client inadvertently breaking the site or its security by toying around with Admin Tools' settings. |
Sometimes you are not the sole administrator of a website, for example when there is a large administrative team or when you build the website for a client. In such cases you do not need everyone with back-end access to be able to modify Admin Tool's settings. Instead of giving you the traditional "all or nothing" access control imposed by Joomla! user groups, Admin Tools allows you to control access to any or all of its features using a "main password". The idea is that before any user is able to use one of the protected features, he has to supply the "main password" in Admin Tools' control panel page.
The Main Password page
When you click on the
button in the Control Panel you get to the Main Password page where you can set both the password and select which features to protect.The top area of the page allows you to set a Main Password. If you want to disable password protections, simply leave it blank.
The bottom area of the page lets you select which features will be protected. Set the radio button next to each feature you want to protect to "Yes" before clicking on the
button. Features marked as "No" will be accessible by all back-end users. Featured marked with "Yes" will only be available to users who enter a valid password in the Control Panel page. This means that even Super Users will not be able to access the protected features without supplying a valid password.If you want to quickly protect all features, click on the
button above the list. Conversely, clicking on the button will disable Main Password protection on all features.The only way to find out your password is to directly read it from
the database. Use your host's database management tool —usually it's
phpMyAdmin— to list the contents of your site's abc_admintools_storage
table (where abc_
is your site's table name
prefix). Find the record in the table whose
key
value is "cparams" and take a peek at the
contents of the value
column. It contains a
long text. At some point you will see something like
"mainpassword":"mypassword"
. The
mypassword
part is your main password.