First welcome email email - too much unsecured info

[moonmosaic]

Hi,

 

One of my customers complained that the email he got after he registered had his email address and his password. How could I get password being sent in a format like credit card infos; I.E

password: beautiful123

sent password in email bxxxxxxxxxx3

Any suggestions?

 

Thanks

 

PS: I found in the backoffice that I can edit email under "translation"

 

E-mail address: {email}

Password: {passwd}

 

So to eliminate password being sent all together I can delete the last entry. Is this correct?

[Mike Kranzler]

Hi,

 

One of my customers complained that the email he got after he registered had his email address and his password. How could I get password being sent in a format like credit card infos; I.E

password: beautiful123

sent password in email bxxxxxxxxxx3

Any suggestions?

 

Thanks

 

PS: I found in the backoffice that I can edit email under "translation"

 

E-mail address: {email}

Password: {passwd}

 

So to eliminate password being sent all together I can delete the last entry. Is this correct?

 

Yes, to prevent passwords from being sent, just delete the "Password: {passwd}" entry from the email translations. Don't forget to do it for any other languages on your shop!

 

I hope this helps.

 

-Mike

[moonmosaic]

Yes, thank you. Although I would prefer to send the password but disguising it in some form. If customer forgets the password he/she can look it up in the first email. If there is no other way, of course the easiest option will have to do.

[Mike Kranzler]

Hi moonmosaic,

Deleting the password entry completely will definitely be the best way to go in that situation, especially since they can always use the Forgot Password function in your Front Office.

 

-Mike

[mmsh]

hi mike, how are you?

listen... i have problems with some customers, sometimes i must be more sure about their identity 'cause my bank warns me about suspects.

So, first of all... how to authenticate the customer email? Instead of sending the username and the password, is it possible at first to send a link to authenticate the email, so (at least) i'm sure that the customer uses that particular email and it's not an invented and unused mail?

Why this method is not a prestashop standard?

[moonmosaic]

hi mike, how are you?

listen... i have problems with some customers, sometimes i must be more sure about their identity 'cause my bank warns me about suspects.

So, first of all... how to authenticate the customer email? Instead of sending the username and the password, is it possible at first to send a link to authenticate the email, so (at least) i'm sure that the customer uses that particular email and it's not an invented and unused mail?

Why this method is not a prestashop standard?

 

I think you can set this up in the backoffice. It's called customer email verification. I have this disabled/uninstalled because I am only selling flowers and nothing 3rd party so too much work for my potential customers. However if they register the email should be more secure. I have so far deleted the "password" part of the message which can easily be done in the backoffice under translation.

However, I am now looking into using facebook, twitter and google logins so that I have to worry even less about customers registering.

I hope this helps.