We ask the devs to do database changes and only then if we think they are important. I think we all have a healthy fear of really messing something up if we were to touch the DB. I'll copy this to the dev channel and someone there might have more to add.
The devs are a collective, so there are a lot of them who contribute their time. Jump over to !hexbear@hexbear.net if you are interested in joining up.
I think given the current doxxing attacks we are a bit hesitant to put targets on specifics users. So this is going to be a case of just trust us at the moment.
You wouldn't need to access the database, as long as there is a password reset option (which there is) any person with the right permissions could change someone's password.
Password reset in this website does not work that way. There are two ways to do a password reset, either using your known password, or using your email.
If someone's password is getting directly change it has to be directly on the server.
deleted by creator
We ask the devs to do database changes and only then if we think they are important. I think we all have a healthy fear of really messing something up if we were to touch the DB. I'll copy this to the dev channel and someone there might have more to add.
deleted by creator
From the Devs
deleted by creator
The devs are a collective, so there are a lot of them who contribute their time. Jump over to !hexbear@hexbear.net if you are interested in joining up.
deleted by creator
I think given the current doxxing attacks we are a bit hesitant to put targets on specifics users. So this is going to be a case of just trust us at the moment.
deleted by creator
You wouldn't need to access the database, as long as there is a password reset option (which there is) any person with the right permissions could change someone's password.
Password reset in this website does not work that way. There are two ways to do a password reset, either using your known password, or using your email.
If someone's password is getting directly change it has to be directly on the server.
Removed by mod
If it's done via an email recovery then all you need is the link they are sent, which anyone with access to the email server would have.
Yes, which is only accessible to people that have database access, ie, not moderators.