how to enable user password encryption in vicidial

Vicidial user password encryption

Topic: how to enable user password encryption in vicidial


vicidial user password encryption

  Overview:

    VICIdial is an enterprise class, open source, contact center suite in use by many large call centers around the world. VICIdial has a full featured predictive dialer. It is capable of inbound, outbound, and blended phone call handling.

    By Default, in vicidial the user passwords are served in plain text, that is  visible to other users who logged in as admin, to avoid this you can use the user password encryption which i have demonstrated in this blog tutorial

You can follow this Blog also i have upload video tutorial for the same topic

https://youtu.be/BqKscbxJGD0

  STEPS : Enabling the Vicidial Password Encryption

  Step 1: Installing Bcrypt perl

   what is Bcrypt?
    Bcrypt is cryptographic hashing algorithm, recommended for password hashing ,designed by Niels Provos and David Mazières, based on the Blowfish cipher

Using the CPAN console install the Bcrypt, run the below command

cpan
install Crypt::Eksblowfish::Bcrypt

  Step 2: Enabling the Password Encryption

    By default the Password encryption is disabled in Vicidial, you check the same under ADMIN > SYSTEM SETTINGS > PASSWORD ENCRYPTION: Disabled.

    To enable Password Encryption feature you need to the vicidial script at command line console.

SSH to your vicidial server linux console, and run the below command to make sure Encryption works without any error.

/usr/share/astguiclient/ADMIN_bcrypt_convert.pl --debugX --test

If no errors received run the same script without --test flag as shown below

/usr/share/astguiclient/ADMIN_bcrypt_convert.pl --debugX 

Now navigate to ADMIN > SYSTEM SETTINGS > PASSWORD ENCRYPTION
now you may notice the Password Encryption is enabled, Followed to that any new users created in the vicidial the passwords will be encrypted.

  Step 3: Encrypting Plain Text Password

    All the users passwords which are created before enabling the Password encryption, will remain as clear plain text ,to encrypt the existing plain text passwords either manually edit them and update or run the below command to convert all the plain text to encrypted text.

/usr/share/astguiclient/ADMIN_bcrypt_convert.pl --clear-plaintext-pass
or
/usr/share/astguiclient/ADMIN_bcrypt_convert.pl --debugX --update-override --clear-plaintext-pass

  How to Reset the Forgotten Password

    If you have forget the admin password , you need to update the password under mysql/mariadb with the hashed password, for non-admin users either you can update the password from admin login or follow the below procedure.

  Step 1: Generate the Hash Password

    Run the below command from SSH console with the password which you want to set of a user
for example for admin user 6666 i need to set a password as admin123

/srv/www/htdocs/agc/bp.pl --pass=admin123

The above command will output the HASHED value of admin123 ,copy that proceed to step 2

  Step 2: Updating the Mysql user table

    once hash password generated run the below mysql command with the password generated in step 1

mysql -p
use asterisk;
UPDATE vicidial_users set pass_hash='kfYvywV959fn09rSZML70wHjjxsaYjm' where user='6666';

Now you can login to the vicidial admin or agent portal with the new password.

  Conclusion:

hope you now you able to encrypt the user password of vicidial
for professional support reach me at skype: striker24x7


3 Comments
  • Unknown
    Unknown November 30, 2020 at 2:11 PM

    In the Step2 in first line there are typo:
    should be "/usr/share/astguiclient/ADMIN_bcrypt_convert.pl --debugX --test
    " instead "... –test"

    • Ajit Kumar
      Ajit Kumar November 30, 2020 at 4:29 PM

      thanks

  • Anonymous
    Anonymous May 26, 2022 at 8:59 AM

    showing you must run in test mode first

Add Comment
comment url