Print User Password Django

• Django Password Expiration

Add a button to Django admin to login as a user (without the password) Django correctly stores user passwords as md5 hashes by default. This is great for security; there is zero chance that a password could be exposed via flaw in the site, attack, disgruntled employee, whatever.

Here's another idea. Don't require password authentication for su. Instead use /etc/sudoers to allow your web server user to run things as other users.

Django Password Expiration

This way you can also restrict which commands can be run - does your current view protect against injecting stuff into the command line?This way you don't need to keep users passwords, you just give one username (wwwuser) the privs it needs. Django has already decided who the user is from the login, so I don't think there's a problem in giving it enough privs to do something as that user.