1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

XF 1.4 [Security] Banned members able to change their password?

Discussion in 'XenForo Questions and Support' started by imthebest, Apr 30, 2015.

  1. imthebest

    imthebest Formerly Super120

    Today reviewing my user change log I found a record of a banned member that says:

    Field Name: Password
    Old value: *******
    New value: *******

    I have tried and being banned you can't change your password.

    What could be happening here?

    Thanks,
    Super120
     
  2. imthebest

    imthebest Formerly Super120

    I guess he used the password recovery feature? Is it possible even if the member status is "Banned"?
     
  3. Chris D

    Chris D XenForo Developer Staff Member

    Yes, he used the password recovery feature.

    There's no reason why it wouldn't/shouldn't work.
     
    Amaury likes this.
  4. Amaury

    Amaury Well-Known Member

    Furthermore, banned members can still log in like any other member, so it wouldn't make sense to deny them the ability to reset their password.
     

Share This Page