LSTSRV-L Archives

LISTSERV Site Administrators' Forum

Valdis Kletnieks <[log in to unmask]>
Tue, 6 Jun 2006 11:37:20 -0400
On Tue, 06 Jun 2006 11:27:41 EDT, Randy Klumph said:
> In the old days, user passwords were visible in the log files and could be 
> retrieved. Now they are [redacted]. I seem to recall that it was mentioned 
> that the password could be still retrieved by the site administrator but 
> the details are fuzzy. For reasons too lengthy to go into here, I sometimes 
> need that capability. Anyone remember this thread? My search of the 
> archives was futile.

Generally, the Best Practices for this is that the site administrator should
*NOT* be able to retrieve passwords.  The fact that it can be done doesn't make
it a good idea. (As an aside, I don't think there's any cases in Listserv
where the proper combo of your own admin password and the 'FOR' command won't
let you work around a missing/lost password...). A better solution is for the
site administrator to simply *reset* the password and tell the user what it is
now.  And don't use "but resetting it will break scripts and saved passwords" -
if it's already coded in a script or saved, you already *have* the password and
don't need to snarf it out of Listserv... ;)

A really great solution, as implemented on some systems, resets the password,
and then insists on forcing the user to change it at first logon, so the
site admin doesn't know what the new value is.  That, however, is probably
not implementable in Listserv.