Hey everyone,

My site is currently being targeted by someone with some pretty malicious intent who's been able to access several people's accounts. This has been done either through some sort of SQL injection (a lot of logs of this) or just some bad passwords. To try and salvage some security for our members I need a way to reset everyone's passwords and force members to change their passwords. 

Does anyone know of any plugin or other way to do this?

Something like the plugin below would be great but I need it for IPS 4.1.

 

There is this:

https://invisionpower.com/files/file/8173-password-policy/

However it does not currently 'force' them to change them, it is however listed as a future addition to that file:
 

Quote

 

New Features to Come (30-45 days to implement):

REMINDER: This plugin will have a REMINDER where users will be required to change their passwords in a time frame set by the Admin

ENFORCEMENT: Enforce users to change their passwords: users won't be able to use your board until they change their password

HISTORY: Users won't be able to use passwords already used on last X password changes.

 

It may be worth you asking in its support topic (here) about the likely ETA for those though.