Dismiss Notice
We would like to remind you that we’re updating our login process for all 3CX forums whereby you will be able to login with the same credentials you use for the Partner or Customer Portal. Click here to read more.

Most 3CX systems can be used as a Free Conference Bridge by external callers.

Discussion in '3CX Phone System - General' started by Ajints, Mar 13, 2017.

Thread Status:
Not open for further replies.
  1. Ajints

    Joined:
    Mar 10, 2016
    Messages:
    7
    Likes Received:
    0
    The way the 3CX system is configured as a default I believe there is no PIN required to create conferences. An external caller can then call the 3CX system then dial 700 and proceed to create a conference. Anyone can then call into the conference. As a result the system owner will incur charges if they get charged per minute for incoming calls.

    Can anyone explain what the logic was behind this implementation and not requiring some sort of robust authentication or at least allow restricting conferences from external trunks.

    Also if you decide to require a PIN code for conference calls there is one PIN for the entire company how are you supposed to keep that secure. The correct implementation in my opinion would have been to require a unique PIN for every user based on something like the Extension # plus their Voicemail password.

    How in the world do larger companies handle this ?
     
  2. YiannisH_3CX

    YiannisH_3CX Support Team
    Staff Member 3CX Support

    Joined:
    May 10, 2016
    Messages:
    7,455
    Likes Received:
    541
    Hello @Ajints

    Please note that the conference pin is enabled by default so the caller must know the pin to create a conference. Also the conference extension can be changed so it is not known so the possibility that someone calls in and direct dials from an IVR into that extension is limited.
    That also depends if your calls are directed to an IVR or you have a DID directly for the conference.
    Also how would you make sure that if each user had a password those would not leak?
    You can post this as a feature request in our ideas section of the forum so that it can be up-voted by other users
     
Thread Status:
Not open for further replies.