by pp 6029 days ago
When I worked at a large company, their reason for storing passwords (to an online ordering system; for some 1.5 million clients) as plain text was the ability to impersonate users when debugging their problems. Then, after a while, even that became too hard for them so they added a special backdoor: on the live system, you could go to a special page (it was not linked from anywhere, but it was conveniently named Login.aspx) and enter the user ID and a shared password that worked for all users. I'm still amazed why this had never been taken advantage of while I was there.

If it's properly secured and leaves an audit trail (sounds like yours wasn't), an "impersonate user" feature is pretty much a must-have for debugging problems on any site that has content or behavior that varies per-user.

I worked at a company that had properly encrypted passwords, but the customer support people would just ask the user for their username/password and log in through the front door. Once I found out about that, I implemented a simple yet secured impersonate system and it has served us very well.

I agree, it's an extremely useful feature to have.

The way I set it up is that the user must first log in to an administrator-level account before they can impersonate another user by entering a username or ID.
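
The setup discussed in the comments above (administrator login first, then impersonation by username, with an audit trail and no shared password) can be sketched as follows. This is an added example, not code from any commenter; the user table, the token format, the 15-minute expiry and all function names are assumptions made for illustration.

```python
import hashlib, hmac, json, time, secrets

SECRET = secrets.token_bytes(32)   # signing key, generated per process for this example
AUDIT_LOG = []                     # stand-in for an append-only audit store
USERS = {"alice": "admin", "bob": "customer", "carol": "customer"}  # constructed sample data

def _sign(body: str) -> str:
    return hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()

def start_impersonation(actor, target, now=None, ttl=900):
    """actor: username of a session that has already logged in normally."""
    now = int(time.time() if now is None else now)
    allowed = USERS.get(actor) == "admin" and target in USERS
    # Record every attempt, including refused ones, with both identities.
    AUDIT_LOG.append({"ts": now, "event": "impersonate", "actor": actor,
                      "target": target, "allowed": allowed})
    if not allowed:
        return None
    # The session carries the real actor next to the impersonated subject,
    # so later actions can still be attributed to the administrator.
    body = json.dumps({"act": actor, "sub": target, "exp": now + ttl}, sort_keys=True)
    return body + "." + _sign(body)

def resolve_session(token, now=None):
    """Return the session claims, or None if the token is forged or expired."""
    now = int(time.time() if now is None else now)
    body, _, sig = token.rpartition(".")
    if not hmac.compare_digest(sig.encode(), _sign(body).encode()):
        return None
    claims = json.loads(body)
    return claims if claims["exp"] > now else None

if __name__ == "__main__":
    token = start_impersonation("alice", "bob")
    print(resolve_session(token))               # claims naming both alice and bob
    print(start_impersonation("bob", "alice"))  # refused: bob is not an admin
    print(AUDIT_LOG)
```

No user password is read or compared anywhere in this flow, so passwords can stay hashed and support staff never need to ask a customer for one.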