Security concerns….
-
My use of this plugin comes default through a commercial theme in which I use. However, during the process of securing my site…I learned some interesting tidbits.
DDoS attacks are STILL a common approach for hackers of all levels. And their tools are becoming even more sophisticated. Basic security measures are about protecting the password, which, the general user for the most part still struggles to get right. With all this said, are we being actively security-conscious if we are publicly displaying our usernames? On most sites, these Usernames are used for logging in. We are giving hackers half of our access.
Without much thought, maybe we can replace the “Username” with quotes, First Name, Last Name, or combined name. Or simply remove the username without replacing it.
You could also extend this idea to include features from other plugins such as badges, points, location, bio, rank, etc…the ideas are endless.Just my thoughts,
Voice4Vision
-
Hello @voice4vision,
Thank you for bringing your concerns to our attention. We take security very seriously and are committed to ensuring that our plugins are safe and secure for all users.
Regarding your specific concern about the “Verified Member” feature, it’s important to note that this feature simply adds a badge to a user’s profile, and does not grant any additional permissions or access. The username and profile information are displayed by BuddyPress or BuddyBoss, depending on which plugin you are using.
Therefore, if you have concerns about the security of user profiles or the display of user information, we recommend reaching out to the authors of the BuddyPress or BuddyBoss plugin for further assistance. They will be better equipped to address any security concerns related to their respective plugins.
We hope this helps you. If you have any other questions or concerns, please don’t hesitate to let us know.
Best regards,
- The topic ‘Security concerns….’ is closed to new replies.
