-my @header = ( '#', 'Service', 'Account', 'UID', 'Last Login' );
-my @fields = ( 'svcnum', 'svc', 'email', 'uid', 'last_login_text' );
-my @links = ( $link, $link, $link, $link, $link );
-my $align = 'rlllr';
-my @color = ( '', '', '', '', '' );
-my @style = ( '', '', '', '', '' );
+my @header = ( '#', 'Service', 'Account' );
+my @fields = ( 'svcnum', 'svc', 'email' );
+my @links = ( $link, $link, $link );
+my $align = 'rll';
+my @color = ( '', '', '' );
+my @style = ( '', '', '' );
+
+my $conf = new FS::Conf;
+
+if ( $conf->exists('report-showpasswords') #its a terrible idea
+ && $curuser->access_right('List service passwords') #but if you insist...
+ )
+{
+ push @header, 'Password';
+ push @fields, 'get_cleartext_password';
+ push @links, $link;
+ $align .= 'l';
+ push @color, '';
+ push @style, '';
+}
+
+#maybe hide the UID if a flag isn't passed... its much less useful these days
+push @header, 'Real Name', 'UID', 'Last Login';
+push @fields, 'finger', 'uid', 'last_login_text';
+push @links, $link, $link, $link;
+$align .= 'llr';
+push @color, '', '', '';
+push @style, '', '', '';