
Posts from February 2008

25 February 2008

Customer and admin accounts separated for improved security

In our ecommerce site management tool, known as the Admin Area of Total Blue System, the "Contacts" section now distinguishes between Customer accounts and Admin accounts, and the tab that organizes them has been renamed "User Accounts". Formerly grouped together as "contacts," they are now managed from separate screens or pages, which reflects deeper changes in how the software functions.

Driven by our compliance with the Payment Card Industry's Data Security Standard (PCI DSS) and timed for the conclusion of our compliance audit, admin accounts are now managed distinctly and more intensively than customer accounts, because admin accounts can grant access to sensitive order payment details.

Here are some notable changes:

  • You cannot log in to the public side of the website, the customer's My Account area, if you are using an admin account. Only customer logins gain entry to the My Account area now.
  • Passwords for your Admin Area account are now encrypted. We cannot know them or help you recover them. Passwords can only be reset, if need be, to restore access.
  • If you forget your Admin Area login details, you've got about 5 chances to enter the correct username and password. After that, you'll be locked out of the Admin Area for a period of time. This helps prevent what's known as brute-force or dictionary attacks.
    • If you need further assistance after being locked out of your account, you can contact another Admin Area site manager or E-business Coach's tech support team for assistance unlocking your account. Direct the person helping you to edit your account in the Admin Area and follow the prompt to unlock the account.
  • The login URL for the Admin Area has changed slightly. The explanation in the next post should make it easier to log in.
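The lockout and account-separation rules above, as an added example that is not Total Blue System's code: a small Python model of an account store in which admin logins are refused on the customer side, roughly 5 failures lock the account for a period, and another site manager or support can unlock or reset (but never read) a password. The 15-minute lockout length and the salted PBKDF2 hash standing in for the post's "encrypted" passwords are assumptions.

```python
import hashlib, hmac, os, time
from dataclasses import dataclass
MAX_ATTEMPTS = 5            # "about 5 chances" (from the post)
LOCKOUT_SECONDS = 15 * 60   # assumed lockout length; the post only says "a period of time"

def hash_password(password, salt=None):
    # Salted PBKDF2 stands in for the post's "encrypted" passwords: one-way, not recoverable
    salt = salt or os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
@dataclass
class Account:
    username: str
    kind: str              # "admin" or "customer"
    salt: bytes
    digest: bytes
    failures: int = 0
    locked_until: float = 0.0

def create_account(username, kind, password):
    salt, digest = hash_password(password)
    return Account(username, kind, salt, digest)

def login(acct, password, area, now=None):
    # area is "admin" (Admin Area) or "my_account" (public My Account side)
    now = time.time() if now is None else now
    # Admin accounts are refused on the customer side, and customers on the admin side
    if (area == "my_account") != (acct.kind == "customer"):
        return "wrong_area"
    if now < acct.locked_until:
        return "locked"
    _, digest = hash_password(password, acct.salt)
    if not hmac.compare_digest(digest, acct.digest):
        acct.failures += 1
        if acct.failures >= MAX_ATTEMPTS:
            acct.locked_until = now + LOCKOUT_SECONDS   # lock out for a period of time
            return "locked"
        return "bad_password"
    acct.failures = 0          # a successful login clears the failure counter
    return "ok"

def admin_unlock(acct):
    # What another site manager or support does from the account's edit screen
    acct.failures = 0
    acct.locked_until = 0.0

def admin_reset_password(acct, new_password):
    # Support can reset a password but never read the stored one back
    acct.salt, acct.digest = hash_password(new_password)
    admin_unlock(acct)
```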

There are other significant, sometimes subtle changes going on as we complete our PCI audit. Find out more by reading those posts categorized as ecommerce security.


Updated login URL for Admin Area, site maintenance

Total Blue System's ecommerce software includes a full-featured Admin Area, enabling site owners to maintain their site's catalog and content from within a web browser. The login URL to the Admin Area that you ought to bookmark is https://www.yourdomain.com/admin/ and that will remain the same after this latest software system update. But there is the potential for confusion when logging in, as the redirect from https://www.yourdomain.com/admin/ to the form where you enter your username and password will change effective 26 February. The changes are part of a number of security enhancements related to our compliance with the Payment Card Industry's Data Security Standard (PCI DSS). Learn more in posts categorized as ecommerce security.

Whether you have a problem logging in will depend much on whether you use a password manager tool (we recommend RoboForm and 1Password), rely on your web browser to save and manage your passwords, or type directly in the form fields.

Here are some tips on how to log in if you don't know your password and the software you use to manage your password seems confused by the updated login URL:

  • View and edit your password from within the software you use as your password manager. Once you fetch your password, enter it directly into the form by manually typing it into the fields. As you submit the form to log in, you'll be prompted to save this information. Choose to save the login details; this ought to update your URL and make it easy to log in next time.
    • In the Firefox web browser, for example, you can go to Edit -> Preferences. Then choose Show Passwords and find the URL of your website's admin area. Then enter the password as you see it there into the form fields for the Admin Area login. Try a similar process if you use Microsoft's Internet Explorer.
    • In 1Password, you can edit the URL that's saved. In this case, the old URL may look like https://www.yourdomain.com/admin/signin.php. Instead, change it to just https://www.yourdomain.com/admin/
    • In RoboForm, you can't typically edit the URL. But you can view the password and then manually enter it into the form field. Upon form submission, you can save a new "passcard" to use the next time.
  • If at least one person in your company who has Admin Area access does know his or her password, then the others who do not can ask that person to update their passwords from within the Admin Area. Go to "User Accounts" then "View / Edit Admin Accounts". Choose to edit the admin user in question. You can enter a new password in the so-named field and save your changes.
    • Just remember that communication of the new password needs to be in person or by phone and never by email. The sensitivity of the password excludes email as a means of communicating it, unless the email message itself is encrypted.
  • If none of the above options are working or make sense, then contact our technical support team for assistance. We can reset your password for you if you have an existing account. (We cannot tell you your existing password, as it's encrypted and not available to us.)