- This topic has 2 replies, 2 voices, and was last updated 9 years, 11 months ago by Bob.
-
Posts
-
1) Since I’m installing UpdraftPlus on customer sites that I having varying degrees of control over, I have the following question: When I set up the program on a customer site, I need to connect the site to my UpdraftPlus account by entering my email and password. Should a “bad guy” gain full access (files & database) to that site, will s/he be able to obtain my UpdraftPlus password? What UpdraftPlus account-related exposure do I face at that point? If I become aware of the situation, what actions (specifically related to UpdraftPlus) should I take?
2) If I change my UpdraftPlus account password, what will happen on sites where the previous password was entered?
Thanks.
Hi Bob,
Good questions. There are some changes in this area recently, so I will answer based on our as-yet-unreleased version, which should come out later this week:
1) You can guard against nosey clients with this new feature: https://updraftplus.com/faqs/want-lock-updraftplus-settings-site-admins-access/
2) After you have connected for updates, you can then delete the password, and it will continue to be connected (unless you also delete the email address).
3) If someone did get your updraftplus.com password, they couldn’t do much of interest, other than social engineering (contacting us in your name, changing the address on your account, viewing your list of connected sites).
There should be more improvements to this in future, as we plan to make updraftplus.com’s central dashboard have more features – and so we’ll want more security features to help guard it. I can’t say more than that at the moment.
David
- The topic ‘Questions Re Connecting a Site to My Updraft Plus Account’ is closed to new replies.