Security Questions



  • Few things to mention.

    I believe NodeBB should return a generic error message such as "Email or Password is incorrect".
    Is it also possible to restrict guests from viewing the Users page/list?
    Also, is there an option to enable email login only? I think this would add a layer of a security as an outside(or inside) attacker can't easily guess user emails.

    This is obviously for those of us that are extra paranoid. Any thoughts?


 

Suggested Topics

| |