autumnwalker Posted April 12, 2022 Report Share Posted April 12, 2022 To enhance security, our forum vendor is recommending that we disable the ability to login using your username + password (e.g. autumnwalker). Instead they suggest that we only allow login using email address + password. Basically, usernames are public knowledge. Emails are less easily discoverable for a hacker. If we allow username login then the hacker only needs to guess passwords. If we force email logins then the hacker needs to guess email address and password. This would mean when you login you would put your email address as your "username" and your password as you do today. From the vendor: Quote Allowing users to log in with a display name can represent a security weakness for your community because display names are public information and malicious users may attempt to login to multiple accounts with common passwords until they find an account for which the passwords work. It is recommended that you only allow users to log in with their email address. Thoughts? Link to comment Share on other sites More sharing options...
Lil'monster Posted April 13, 2022 Report Share Posted April 13, 2022 Have we been hacked alot ? I stayed logged in on my phone . I have no clue what my password is lol Link to comment Share on other sites More sharing options...
autumnwalker Posted April 13, 2022 Author Report Share Posted April 13, 2022 11 hours ago, Lil'monster said: Have we been hacked alot ? I stayed logged in on my phone . I have no clue what my password is lol Not once! It's just preventative / recommendation. I could (or you could) reset your password if you forget it. Let me know if you want me to reset / txt it to you or if you want to txt me something to change it to for you. Link to comment Share on other sites More sharing options...
Lil'monster Posted April 13, 2022 Report Share Posted April 13, 2022 Not necssary if you leave it alone Link to comment Share on other sites More sharing options...
Powerram Posted April 16, 2022 Report Share Posted April 16, 2022 will we have to login in each visit? Or can we stay logged in on our phone Link to comment Share on other sites More sharing options...
autumnwalker Posted April 18, 2022 Author Report Share Posted April 18, 2022 You will be able to stay logged in just the same as now. The only change is instead of using "Powerram" and password you'd use email address and password to login when you need to login. 1 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now