Discussione: Vulnerabilità password

Ke vorrebbe dire questo messaggio su Vbul 3.7.3 pl1?

Some users may have created accounts with vulnerable passwords. Vulnerable passwords can be passwords that are:

* The same as the account username

Such passwords make accounts vulnerable to exploitation from automated scripts and programs that can guess the password to access your board under the guise of the affected users. This may be done for the purposes of spam or online identity theft.

Users can no longer create accounts with the above vulnerabilities, but older accounts may still be affected. Affected users will be prompted to change their current password the next time they login. However, older accounts may still be vulnerable where the user no longer uses the account to access your board. Note that if you force a reset of an account and the email address associated with the account is no longer valid, the user may effectively be locked out of that account.

For this reason you may choose which accounts to reset based on the users' last activity. Users who have recently logged in are more likely to change their password and email settings themselves. It is advised that accounts that have not been accessed recently are reset first. You can check at a later time or date how many affected accounts remain before deciding to force a password reset.

When you perform a reset, an email will be sent to the affected users. You will have an option to change the email message.

Check Accounts with Last Activity