"So i dont understand the paranoiia." - Ask you company's security team. If you don't have one, ask somebody else's. A little paranoia is healthy, a lot is, well, paranoid.
If you send a one-time password to a customer and he's on vacation for a month, you give a potential hacker a one month window during which he can use the password and change it to whatever he wants. The real user comes back, complains, gets emailed a new password, and the hacker just picks it up again.
This is an old debate. I've been converted by security folks who have shown me just how easy it really is to compromise poorly protected systems. If somebody gets a valid password, maybe they'll also know about a bug in Cacti or some other web-based service running on that box. Before you know it the box is owned. Do you care? Maybe it's just a web server in front of the firewall. Even if that's the case, it's a pain to nuke and pave a production server - especially if you want to do it without customer-affecting downtime. This is a worst-case scenario, I agree, but is it really worth the risk?
Why does an Op need to see the passwords? If a user has password trouble, they call. If they're on the phone, the Op resets the password to something else and tells the user, "This is your new password."
My feeling (and Ian and I have *not* discussed it so I have no idea what he thinks or what "official" Cacti policy will end up being) is that if you want that kind of insecurity, you're welcome to hack it into your own copy of Cacti but I don't want to build that in and make it easy for Cacti to be a possible security risk.
My two bits.
Rob.
