Hello, I'm in contact with a user who says his account was hacked. I realized that the email address had been changed and 2FA enabled but the user log is empty.
I only enabled 2FA for members accounts after the XF 2.3 update so it must be a recent thing.
I found the user info with the former email address in a database backup so I know for sure this is the correct member account.
How can a user change his email address and/or enable 2FA without it showing in the user log?
Continue reading...
I only enabled 2FA for members accounts after the XF 2.3 update so it must be a recent thing.
I found the user info with the former email address in a database backup so I know for sure this is the correct member account.
How can a user change his email address and/or enable 2FA without it showing in the user log?
Continue reading...