Marc Stridgen

Its not something we have at present on the new editor, but its certainly an interesting idea. 

Thank you for bringing this issue to our attention! I can confirm this should be further reviewed and I have logged an internal bug report for our development team to investigate and address as necessary, in a future maintenance release.
 

Glad to hear things are now working for you 🙂 

I could have told you it was anything then 😄

I found things from a couple of years ago that I have there and that I didn't remember. Apparently, I have room for a few more projects... I'll continue later. Thanks for the moment.

Thank you for bringing this issue to our attention! I can confirm this should be further reviewed and I have logged an internal bug report for our development team to investigate and address as necessary, in a future maintenance release.
 

This is done from your file system, not your admin CP. So you create a file in the route directory named constants.php and add this
<?php define('DISABLE_MFA', TRUE); This will disable the google authentication you are struggling with, so you can log in

This is done from your file system, not your admin CP. So you create a file in the route directory named constants.php and add this
<?php define('DISABLE_MFA', TRUE); This will disable the google authentication you are struggling with, so you can log in

At present it follows the permissions of the database, so you would have to set it there within the admin CP if you want to set specific permissions 

Feel free to post up within the feedback area if you wish to see changes in this area

No. While you can download an application's folder from the server, plugins aren't the same. When plugins are installed, the setup folder is NOT saved on the server. And the original XML file is not available, either.
You'll need to rebuild the XML file from scratch based on the files on the server, plus rewrite from scratch the setup folder (if the plugin creates tables or adds columns).
 
It may take some time, but it can be done. I've done it several times for clients, especially recently after the marketplace closed.

@Svetozar Angelov - Sorry to see you are having issues with spam here. I just wanted to pick up on where we are here, as there appears to be a lot of confusion, and I want to clear up where we are.
We understand you have an issue with spam, and I feel you believe we are in some manner ignoring this. Let me assure you this is certainly not the case. 
You have stated there is a "Hole" here, without any evidence of this in any way. Just an assumption. While I understand the frustration, this isn't going to help your issue. We have no known security issues on the platform, and from what my colleague has seen so far, it seems the users are logging in and posting as normal, and they are standard users, who have logged in with a password.

A few things to note on that. If they have logged in with the password, then they have the password. There is no way in which to get a users password on the software. To make this very clear. If I have access to your database directly, with your database credentials, and have full FTP access, I still could not obtain what a users password is on your system, due to the way the passwords are encypted. And they are encrypted with PHP methods useds throughout the internet (not only our software). Quite simply, nobody has gained the password of a user through your software. 
  My colleague has also shown you there where to check if a user has had their details compromised on another site. Most users will use the same passwords across multiple sites. So if a site elsewhere has been hacked where their password can be identified, they have an email/password combination that may work on the site. Therefore they would simply be able to log in with those details. I'm sure you understand, thats not something we have any control over
  You can use 2 factor authentication for all users. There is unfortunately an issue with the google one at present that we are looking into, but you can use question and answers. This would force users to at least have another action to log in, meaning if someone does know the password, they may stumble at the question/answer stage  
We are more than happy to look at your settings to see what we can advise. But you do appear to be quite hostile toward people who are trying to help you. Both staff and other customers. I can only assume that is out of frustration. A frustration I can fully understand. But please do help us to help you. We are on your side, and do not like spam any more than you do 🙂 

For the record, @Patham, there is no such thing as a silly question. Everyone has different abilities when it comes to forum software and the internet in general. The only way to learn is to ask as many questions as you can. I find myself asking questions performing certain functions purely because something I had to do when releasing one community, I didn't do until years later when I created another community.
Glad you found a solution in the end though.

I've just asked about this, and it does indeed show the last 5. So it seems the others are records from prior to us having that limit

I am curious as to how you have "notices this can happen on many IPS websites"? Could you perhaps elaborate on that?
There isn't any way in which to actually get password from the database (for example, even from the database, I couldn't tell you what your password is). So if someone is sending you usernames and passwords that are genuine, its very likely they have gotten it from another source. We often find that users using the same password across multiple platforms are the ones that get targeted. 
Of course, if you have more specific information, please do feel free to contact our accounts department on the contact us link below (or pm me, that's not a problem). But a list of usernames and passwords being sent to you won't have come from your IPS database, as they simply aren't stored in a manner that is readable and would allow that, even with full access to a sites database. 
If you have many customer accounts that have been compromised, I would advise you force all users to change passwords on your site, which you can do from the members section of your admin CP

Thank you for bringing this issue to our attention! I can confirm this should be further reviewed and I have logged an internal bug report for our development team to investigate and address as necessary, in a future maintenance release.
 

What my colleague is saying, is we hit them. Not that we fixed it 🙂

Ah I found a problem.
I just miss typed on captcha setting.
I thought captcha key can be used for different domains. Didn't know it was a unique for each domain.

If you can provide some examples, that may be easier to go by to advise on

What my colleague is saying, is we hit them. Not that we fixed it 🙂

This should be fixed now.

It sounds like server resources you are having an issue with when sending them over. Something timing out perhaps. It would be worth checking your server error logs to see what is showing up there

It’s a browser issue. I see it frequently with Safari. There isn’t anything in the community software that can have any effect on it. The software just creates HTML to say where the image is and it is up to the browser to download it and deal with caching, download order, connection issues and so on. 

Yes, you should be find to proceed