• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Security for admin accounts

Brogan

XenForo moderator
Staff member
#2
The reason you can't post in that thread is because you haven't associated your forum user name with your license.

How do you know which are admin accounts?

If the site owner so wishes, they can remove the first account as an admin account and set up a new one.

So then you would have to guess the account and the password.

Not to mention defeating the .htaccess password/IP auth on the ACP log in.
 
#3
The reason you can't post in that thread is because you haven't associated your forum user name with your license.
Thanks

How do you know which are admin accounts?
On some sites it would be pretty easy to figure out who the admins are because they would be the ones doing all the 'butt kicking', I guess :)

If the site owner so wishes, they can remove the first account as an admin account and set up a new one.
Does this mean use a different account to do the posting with?

I still think a useful solution is to allow different username to display name :) My thoughts.
 

Newt

Active member
#4
I think what you're looking for is pretty well explained here. Makes the user.1 Super Admin account no longer as exposed. Now the admin.php file can still be targeted, hence the .htaccess protection which adds a security layer.