Hello,
As far as I know, the passhash parameter might be used to perform API operations. However, I don't fully understand if this parameter might be used to gain web interface access. I know that it cannot be used directly as a password but I wonder if it is a desired behavior to gain access to the web interface just with this parameter and the username.
Could you please confirm?
Thank you.
Article Comments
Hello itsme,
This is Felix from Paessler Tech Support. The Key is designed to get access to the API interface. If you have any particular concerns you can share with us security-wise regarding a webserver access, like a scenario where you expect a different behavior, I'd ask you to reach out to security@paessler.com and mention this post. Please share as many details as you can so that we can take a look into it.
Thanks in advance!
Kind regards,
Felix Saure, Tech Support Team
Dec, 2021 - Permalink
Hello itsme,
This is Felix from Paessler Tech Support. The Key is designed to get access to the API interface. If you have any particular concerns you can share with us security-wise regarding a webserver access, like a scenario where you expect a different behavior, I'd ask you to reach out to security@paessler.com and mention this post. Please share as many details as you can so that we can take a look into it.
Thanks in advance!
Kind regards,
Felix Saure, Tech Support Team
Dec, 2021 - Permalink