magento:masterpassword:settings

Use of the MasterPassword Module

What it does

MasterPassword is adding the ability to your Magento Store to login with any Customer Email Address and a Master Password, instead of the customers password. By that there is no need to alter any data in the database tables to just access any customer account to have a view at what the customer is seeing in his account.

In addition MasterPassword is adding events triggered before and after a customer login is being validated. These events may get used by your own Store code to process any functions before or after the customer validation during login.


Configuration

MasterPassword has its settings here:

System » Configuration » Customer Configuration:


Enabled

Allows to Enable or Disable the MasterPassword Login function. When being disabled, the Master Password is not being accepted when used in the Frontend. This way you may temporarily enable this function when required for use.

Master Password

This is the password that is overriding any customer account password. Define this password wisely and use a complex password to increase security.

Limit Login to IP Addresses

Allows to define fully qualified IP Addresses from which the Master Password will be accepted. Add multiple IP-Addresses as comma delimited.

Your current own IP Address

Displays the current IP Address for your Browser as detected by the Server of your Magento installation.

Extension Check

Displays any notices or warnings of the extension if prerequisites required for Masterpassword to work are not fulfilled. Also displays a notice if another extension is creating a conflict that requires to be resolved for Masterpassword to work.

Security

MasterPassword will allow to login with any Customer Email Address and the defined Master Password, and access to the customers data. For this extension this is made on purpose to allow Shop Administrators or Support Staff to access a Customer Account from the frontend, when required to see what the customer is seeing in his account.

Therefore we strongly advice to use strong Passwords with longer length. You may use this Secure Password Generator (or others) to create a random password for use with MasterPassword.

We also strongly recommend to limit login with MasterPassword to the IP-Addresses from which you generally access the site for administrative purposes.

Any user of this extension is self-responsible for the save use of this extension.