Every time I go to provide a Moderator for one of my lists it seems to take several tries to get the password to take. That is I fill in the e-mail of the moderator on the general settings page, and type in their password on the passwords page. Then it never seems to work for them -- I end up changing password several times until it eventually seems to take.
Ami I missing something? Are there restrictions on the password? Does the e-mail have restrictions or qualifications? Why is this always so difficult?
Dave
David Andrews and long white cane Harry.
E-Mail: dandrews@visi.com or david.andrews@nfbnet.org
David Andrews writes:
Then it never seems to work for them -- I end up changing password several times until it eventually seems to take.
It's not a matter of "taking". If you type the same password twice, and get a page saying password is set, the password has already been recorded. The password database is internal to Mailman, and the system has been in use for nearly two decades with few problem reports (except that it is *too* easy to use, and consequently insecure), so we are very confident that it works as designed.
How are the moderators doing their task? Are they moderating via email using the Approved header or are they logging in via the web page?
Ami I missing something? Are there restrictions on the password?
As far as I can tell, if you can type it, it can be used as a password by Mailman, except that you can't have leading or trailing whitespace.
Does the e-mail have restrictions or qualifications?
If the email can send and receive email, it's a valid moderator identifier.
Why is this always so difficult?
Except for actually remembering the password and accurately entering it without seeing it, it is intended to be straightforward. Accurate entry can be aided by choice of password so it fits the user's typing rhythm, but that's up to you -- it decreases security to restrict choice to easily remembered, easily typed passwords.
If it's "always" difficult, that implies a documentation problem. If you can help us identify inaccurate or inadequate explanations, we would be very grateful.
At 08:37 PM 9/1/2014, Stephen J. Turnbull wrote:
David Andrews writes:
Then it never seems to work for them -- I end up changing password several times until it eventually seems to take.
It's not a matter of "taking". If you type the same password twice, and get a page saying password is set, the password has already been recorded. The password database is internal to Mailman, and the system has been in use for nearly two decades with few problem reports (except that it is *too* easy to use, and consequently insecure), so we are very confident that it works as designed.
Well I must sheepishly admit it was my error. I apologize for taking everybody's time. I was giving the Moderator the wrong URL to get into his list.
Dave
David Andrews and long white cane Harry.
E-Mail: dandrews@visi.com or david.andrews@nfbnet.org
David Andrews writes:
I apologize for taking everybody's time.
Apology graciously accepted, but really, none needed. Password management is at best annoying, and to do it *really* well, hard. Mailman is a complex product. I'm glad that the assurance that it shouldn't be *that* hard was enough for you to find and fix the issue yourself!
Steve
On 09/01/2014 10:55 AM, David Andrews wrote:
Ami I missing something? Are there restrictions on the password? Does the e-mail have restrictions or qualifications? Why is this always so difficult?
Just a bit more on Stephen's answer.
See the FAQ at http://wiki.list.org/x/5YA9.
The email address(es) in the moderator attribute only determine who receives notices. They have nothing to do with who can moderate a list. The people who can moderate the list are those and only those who know one of the two passwords (administrator and moderator) entered on the web admin Passwords section.
Are the moderators trying to use their own list member password? That won't work.
-- Mark Sapiro mark@msapiro.net The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
participants (3)
-
David Andrews
-
Mark Sapiro
-
Stephen J. Turnbull