XF 1.4 Members passwords


Active member
Obviously admin passwords need to be very strong to prevent the forum being hacked.

What about users? Normal users who don't have any admin rights. What they got hacked? Could a hacker kill the site from a normal user account?

Chris D

XenForo developer
Staff member
Users should still take care to ensure their account is safe. They should use strong passwords and they should use two step authentication, if available.

But, no. If they don't have permission to do anything, a compromised user account won't be able to do anything to the site itself.