http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=9164 Bug ID: 9164 Summary: Only allow kohaadmin login under special conditions Classification: Unclassified Change sponsored?: --- Product: Koha Version: master Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 - low Component: Architecture, internals, and plumbing Assignee: gmcharlt@gmail.com Reporter: m.de.rooy@rijksmuseum.nl Would it be an idea to separate the Koha password of kohaadmin [or whatever you name it during installation] from the database password (in terms of security)? Furthermore, is it necessary that kohaadmin can login via opac? And even, could we disable staff client login via kohaadmin under normal circumstances, only allowing login under special conditions (installer, maintenance mode, or so). We could define these conditions and provide a way for system administrators to "force these conditions" without compromising security again. Will ask for some ideas in this regard on the dev list. -- You are receiving this mail because: You are watching all bug changes.