It is true that the password is encrypted in your database, but it could happen:
Hackers place backdoors in the forum's software that enabling them to record the password before encrypting it or temporarily having admin permissions and thus he can access/change the password.
Therefore, your advice to use another password is useful, and I hope to enhance security by adding:
- Two-factor authentication.
- Option to show IP addresses for the last 30 days.
- Cancel the ability to log in via Facebook (I have not tried it)
- locking the account when the user accesses the account via Secret Question
- Adding the option to assign white-list IP addresses so that you can only log in through them.
1. What if the email password is the same as the altcoinstalks account, will this be a serious problem?
2. If I change my altcoinstalks account password, will there be a password change confirmation in my email inbox?
3. As far as I know, if someone logs in to email from another device it will be detected where they logged in, this makes it possible to quickly change our email password, right?
4. If my altcoinstalks account is hacked, what is the guarantee from the admin so that my account can be returned to me?
1) If your email has been hacked, this means that all accounts linked to that email will be hacked.
2) This should happen because you were asked to verify email when you logged in.
3) Depends on your email settings.
4) Once you are verified, you will have to access your account. You have completed KYC verification, so you may be asked to send your passport again, or sign a message from your Bitcoin address.