PDA

View Full Version : How to Modify Vulnerable Password Check?


joemopp
02-02-2009, 05:12 PM
The "Check Vulnerable Passwords" Function in AdminCP allows for reseting UserĀ“s Passwords for users whith the same password as the account username.

We would like to use this function to mail all our users which we just brougt over from our wordpress blog. If we could extend these setting so that it would check for a specific word rather than the account username only, we would give all imported users the same password and then run this script so that they all are informed about the new system - and with that receive a new password.

I am wondering whether someone has a solution/hack/mod to this?

The other option would be that we set the password for every user to his account username and the standard script - which would be another task in terms of automation.

Please do not refer me to the lostpassword script in vB. We try not to have all our users go through this multi-step process :-(

Thanks for your help
-Joe

Dismounted
02-03-2009, 04:27 AM
Create the script that checks users passwords against your list of words. Set the password expiry of that usergroup to a high-ish number if you have it disabled, and set the user's password as expired.