ShopSite Forums

by **Randall** » Sat Sep 16, 2006 1:48 am

I wish we had a separate password for accessing the orders interface. Not that it should be needed for each order, but so that someone who is authorized to maintain the site does not automatically have access to all the customers' personal and card data.

And vice versa -- I feel a little uneasy knowing that the non-technical person retrieving the orders could, with a few curious clicks, mess up the site.

We value the convenient access ShopSite currently gives, vs. the cart program previously used, which required logging into the main page, navigating to the order section, batch downloading the latest orders, then decrypting the file by entering a passphrase, finding the file, opening it, and (finally) printing.

Apart from having a unique password for Orders, I wouldn't want to lose that convenience. When going directly to the Orders section, it would be the only password needed. And it would be okay to optionally have a cookie remember it, the way the current one is.

by **marcea** » Sat Sep 16, 2006 9:58 am

I also wish that an employee could be given the password for gathering order information only, and not have access to the rest of the back room! Mistakes and mischief make me nervous on such a critical database.

by **Randall** » Sat Sep 16, 2006 11:09 am

Let me amend what I said about remembering the orders password in a cookie. Best if that were optional. Depends on how secure the computer is. Cleaning crews and all that, you know.

by **Melinda** » Sat Sep 16, 2006 11:58 am

I agree, that would be extremely helpful.

It would help our in store security to not have sensitive information available to all employees.

by **ShopSite David** » Thu Sep 21, 2006 10:42 am

This may not meet all of your requirements but in v8.1 if you use the Merchant Key (Asymmetric) Encryption then employees could view the orders but not the sensitive credit card information.

See this help page:
http://www.shopsite.com/help/8.1/en-US/ ... orage.html

by **Urbanbella** » Mon Oct 23, 2006 9:57 am

Yes this would be very helpful (especially to those of us thinking on corporate governance terms).

I want to protect the information I have so that I can protect the site and my customers.....

Please let us know when we can limit access/viewing rights by user...

Thanks Shop Site!!!

by **gbadoo** » Sun Apr 08, 2007 9:35 am

Separate passwords for various parts of the back office, at the very least for order download, should be available, set only by registered system administrator, and under no circumstances should cookies ever be saved on a computer for such sensitive passwords. If you can't remember a password, you should not have access, period!

by **marcea** » Mon Apr 16, 2007 7:26 pm

I also would like a password for Orders, that would prevent an employee from access to the rest of ShopSite. If I want an employee to process orders when I am away, but not worry that they make price or other changes in the database, then separate access is necessary.

by **bakerman** » Tue Jul 17, 2007 12:04 pm

I second that one

by Ed » Tue Jul 17, 2007 12:39 pm

I'm all for the separate access privileges for different users, also.
-- Ed

by **william** » Wed Jul 25, 2007 5:17 am

User define access is an important feature to add. As owners and e commerce managers the inability to secure our businesses presents us all with a security and management problems. As our businesses grow we will have to delegate responsibilities to others in a vacuum.

With multiple users I (system administrator) would like to control area access and know the date and time of log in of each individual that I have given access. Some user definitions could be:

System Administrators
Super User
User

The benefit to ShopSite could be that this program would take on an enterprise perspective. Owners and mangers could concentrate on the growth of their businesses.

I see that other ShopSite users have made this request some time ago. Is there progress in providing this solution or one similar in the future?

by **bakerman** » Wed Jul 25, 2007 6:26 am

The only thing I have found to be useful is to have to order status module installed and make sure the password to access it is different. That was the order processors don't have access to any of the site maintenance.

But that doesn't address user access in the control panel where anyone whose job is to add items can view all of the sales data and reports. That info is typically something we don't want available to all.

by **Marie** » Fri Mar 07, 2008 12:47 pm

It is very important to our business to have separate passwords for site development and order-related items. I would like to see the Reports and Orders buttons password protected.

by **cheryllbk** » Fri Jul 11, 2008 12:20 pm

I agree...

Administrator defined access to area of the back office is critical.

If a store owner would like to leave access open, they could do that -- if they'd like to restrict it for various user IDs they could do that as well.

Separate IDs at a minimum is a must.

Please consider adding these options soon.

by **accss** » Wed Aug 27, 2008 3:59 pm

I, too, was frustrated by this problem until I found a workable solution. Please see my post here: http://support.shopsite.com/forums/viewtopic.php?t=6049

ShopSite Forums

Separate password for viewing orders

Separate password for viewing orders

separate password for orders versus maintenance

Remembering password in cookie

Separate Passwords and User Access Controls/Rights

Administrator Defined Access

Another vote for separate passwords

Administrator Defined Access

Who is online