Password Reset Question

[thunderclap]

If we configure vBSecurity's password feature what happens when a user logs in with a password that doesn't meet the requirements? Are they prompted to update their password or are they just let in? Also, when a password is changed is the user emailed to confirm the change or, in the very least, that the password change happened?

We're currently having a problem with someone trying to access our users accounts to send out spam PM's. I want to ensure our users are secure and that they are the ones making the changes.

 

[Fillip H.]

No, existing passwords cannot be checked, as that would be a gigantic security flaw. Only newly registered accounts and existing passwords being changed will be subject to these rules.

You could force a mass password reset, but that would be a bit of a drastic measure I'd say.

 

[Fillip H.]

As this ticket has received no further replies, I'll close it. If you have any further issues or questions, please feel free to start a new support ticket. Thanks!