YAFLogo

tecman
  • tecman
  • 100% (Exalted)
  • YAF All-the-Time Topic Starter
4 years ago
As I understand, this also affects all other forum user, not only me - right?

Ok, I will try to return to the previous version of the string tomorrow. Or maybe, there is no need to do that if I already solved the problem with my login? Wait until a forum user reports the problem with their login?

tha_watcha
  • tha_watcha
  • 100% (Exalted)
  • YAF.NET Project Lead 🤴 YAF Version: 3.0.3
4 years ago
Yes of course this affects all users.
tecman
  • tecman
  • 100% (Exalted)
  • YAF All-the-Time Topic Starter
4 years ago
I changed the hashAlgorithmType back to SHA1 and was able to reset my password using the old security question. Now I know that I must not change this parameter in the future upgrades 😉

Is there any big benefit in using the new SHA256 hash algorithm? And is it bad that I did not set a personal machine key for our forum when I initially established it? As I understand, now I need to live with the current security settings as they are "till the very end" and never change them in the future.

tha_watcha
  • tha_watcha
  • 100% (Exalted)
  • YAF.NET Project Lead 🤴 YAF Version: 3.0.3
4 years ago
SHA256 is more Secure then SHA1, but still you are safe to use the old hash algorithm.

Only when you switch to a different server it's a problem not to set a machine key