We installed the LDAP plugin and use Windows Authentication. So far so good but we discovered by accident if you use a valid Windows Ad username you can logon forthe first time without a password and a blog is created for you. What is more worrying is anyone can log on as another user and have access to that users blog and admin console.
- The topic ‘Users can log on withtout a password!! LDAP Plugin used’ is closed to new replies.