Finding out what the problem is
You can access your reports at: http://YOURSITE.COM/sblogin/report/ The only user who has access to your reports is the admin user as you specified on the order form. The Strongbox reports are especially useful when you’re doing customer support so you can see exactly what the customer’s problem is – whether they are entering their password wrong, their user name is expired, etc.
- See: Troubleshooting
Do not “test” their user name yourself
Note that you SHOULD use the reports to see what’s going on when a customer has trouble. You should NOT “test” their user name and password by using it yourself. Some webmasters like to “test” by doing that, but you actually learn next to nothing from logging in yourself. That’s because you are using the the CORRECT user name with the CORRECT password at some later time.
That doesn’t tell you if they entered the wrong password, the wrong user name, the user name was suspended, it was on a rebill payment hold, etc.
“Testing” a user’s password really doesn’t tell you anything at all except that you know how to cut and paste. All that “testing” it yourself does is make the user name show as being used by multiple people and therefore get it suspended. So instead use the reports to see what the CUSTOMER is doing wrong or what their problem is.
- See: Troubleshooting
Once you know what’s wrong
If they entered their password incorrectly (badpword), you may be able to look up the password via your processor, or just use the Strongbox admin to change it and email them the new password.
If the user entered their user name incorrectly (badpuser), you can simply tell them what the correct user name is.
If their password was shared, you can use the “re-enable user and change password” form in the Strongbox admin. Note that if we have upgraded your site to use strong passwords and strong encryption, a password that is shared must have been shared by the user. If you have our strong passwords and strong encryption set up, it’s virtually impossible for a hacker to get it, except if the user knowingly posts it or shares it. Therefore if you choose to re-enable a password that it shared, you will want to include an appropriate warning about not sharing it.