• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.
Batch Password Invalidate and Reset

Batch Password Invalidate and Reset [Paid] 1.0.0

No permission to buy ($20.00)
Use the batch user update function to invalidate and reset users password.

Slavik

XenForo moderator
Staff member
#1
Slavik submitted a new resource:

Batch Password Invalidate and Reset - Use the batch user update function to invalidate and reset users password.

This addon add 2 new options to the batch user update allowing an admin to invalidate and send a new password email to matching users.

This has a variety of uses, such as forcing password changes of regular intervals, invalidating passwords following a security compromise, or sending out new passwords following a double import where passwords may be unusable anyway.

View attachment 93902
Read more about this resource...
 
#4
Couple questions.
  • Does it work with the latest, 1.5.8 ?
  • I want everyone to go through a password change. My preference is that when a user successfully logs in, they will be presented with a requirement to change their password. Is the "invalidate" option the proper choice?
Thanks,
 

Slavik

XenForo moderator
Staff member
#5
Hi,

This works with the latest XenForo.

Invalidate will stop them logging in (it will throw a password error as if you entered the password wrong), rather than wait until they log in and force them to change.
 

Fred.

Well-known member
#6
Is it possible to invalidate passwords for users that didn't login for a long time? Let's say in the last 3 years?
 

Slavik

XenForo moderator
Staff member
#7
Is it possible to invalidate passwords for users that didn't login for a long time? Let's say in the last 3 years?
It uses the batch user update tool to search and apply the changes, so anything you can search for in that you can use with this.
 

Fred.

Well-known member
#8
It uses the batch user update tool to search and apply the changes, so anything you can search for in that you can use with this.
Great! Then I can invalidate all users passwords that didn't login in the last years so those accounts cant be compromised. (password re-usage)
The only problem that I just think about is that that will probably send out emails to all those old accounts with invalid e-mail addresses.
So I will get loads of bounced emails and a bad reputation. I have to find a way so it's not sending the e-mails.
 
#10
This is a joke, right? This should be a standard option on xenforo, especially when you have a look at the recent CloudFlare breach, where probably thousands of XenForo sites were affected and passwords of users are probably out in the open.

Paying for something even old vbulletin already had, pathetic.
 

EQnoble

Well-known member
#11
If you were affected by the cloudflare parser bug (which caused data to be exposed to crafty search engine queries) I would certainly understand your frustration but this breach you speak of by cloudflare only happened supposedly when using e-mail obfuscation, server-side excludes, and Automatic HTTPS rewrites.

At any rate vbulletin having a feature and cloudflare having a breach doesn't really warrant slighting of a developer of an addon who puts in his own time to provide a solution to what is obviously a problem for some.

I hope your potential problem caused by cloudflare is not a permanent one and wish you the best of luck with your site.
 

Slavik

XenForo moderator
Staff member
#12
This is a joke, right? This should be a standard option on xenforo, especially when you have a look at the recent CloudFlare breach, where probably thousands of XenForo sites were affected and passwords of users are probably out in the open.

Paying for something even old vbulletin already had, pathetic.
Then put it as a suggestion in the suggestions forum.
 

Phases

Active member
#13
This should be a standard option on xenforo, especially when you have a look at the recent CloudFlare breach, where probably thousands of XenForo sites were affected and passwords of users are probably out in the open.
Agreed.

This is a joke, right?
...
Paying for something even old vbulletin already had, pathetic.
XF should have it - but 20 bucks is fair enough in the meantime to give to someone who took the time to build the add-on that is so clearly needed. :)