2007-01-21, 09:08 AM
The report of a failed login into the AdminCP should NEVER be sent over e-mail. E-mail is easy for anybody to read. I can recall making a type-o in my username and then getting an e-mail about it and I'm like "Gee, thanks MyBB, for broadcasting my admin password in plain text for the whole world to see..."
This should definately be changed, it is a security risk. For the immediate future, how can I disabled this "feature?"
This should definately be changed, it is a security risk. For the immediate future, how can I disabled this "feature?"