Passwords are strictly confidential and must not be given out over the phone for any reason. It is OK to provide a customer with their user name if they were able to properly identify themselves, but never the password.
An order through a partner account is easily identified from the box next to the customers name in OMS/SASP:
• Blue – Indicates an order placed through a web host. A Web Host customer order is placed by the Web Host (we only send certificates to the web host) and not by the web hosts customer; therefore the customer has no console login. APIs can be used for customers to create their own account on their website and for a portal login for the customer; strictly SSL certs; no end user has direct access and must be referred back to the web host for support.
• Red – Indicates an order placed via a reseller (Reseller orders are placed by reseller's customers via a URL provided by the reseller (has API but not functionally adequate so uses link). Once the order is placed on our system it does not get issued until the Reseller authorizes it. The usual process is that the reseller requests the money for the certificate from the customer and only when that is received will the reseller authorize order.When the reseller authorizes the order we then deduct the cost of the certificate from the account funds. SASP users must all be authorized; SSL and code signing and client certs.
Incommon password reset: (http://www.incommon.org/certificates/support.html)
• Pink – Indicates an order placed through an EPKI account; single entity usually just SSL certs and SMIME. EPKI orders are placed by the owner signing into their account and selecting the product to purchase directly from the EPKI options. This type of account is the best option for a customer wishing to purchase several certificates for the same primary domain with different sub-domains. When an EPKI Partner signs into their account they will see the same as a direct customer but will have an additional option which says ‘E-PKI Manager.’ If they still have the original order number the customer can use the automated password reminder system located here. Otherwise they need to Submit a ticket here. This email must be from the administrative email address on the account, and must include the original domain name it was purchased for.
• Dark Green - Affiliates (reseller but Comodo captures payment).
• Green –Indicates a customer who came directly to Comodo, not via a Partner. If the problem is just the password then as long as they have the order number and either account email address or user name this can be automatically reset by visiting www.instantssl.com and clicking on the 'forgotten password' link. If they do not have the details required above, please have them send an email, from the account administrative email address to [email protected] with as much detail as possible so that we can locate their order.
Code Signing: You can change the password on your certificate without a new certificate being issued. If you export the certificate on the same computer, using the same browser, at the end of the process you will be prompted to create a password.
*NOTE: Under no circumstances reset the ALTAIRE partner account passwords. This password is hard-coded into their software they provide customers.