Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
By mcasasga on
Dear all,
We are receiving emails, like the one below, without the users asking for. Please note we have Drupal 7.24 out-of-the-box installed without any other module to implement password policies or password expiration.
Is there any process running in the background or this is a security issue and we are being attacked? Any advice?
Thank you.
Regards
Miguel
---------- Forwarded message ----------
From:
Date: 2014-02-17 9:30 GMT+01:00
Subject: Replacement login information for sysadmin at myApplication
To: user_mail@gmail.com
User mail,
A request to reset the password for your account has been made at myApplication.
You may now log in by clicking this link or copying and pasting it to your browser:
LINK TO RESET THE PASSWORD
This link can only be used once to log in and will lead you to a page where you can set your password. It expires after one day and nothing will happen if it's not used.
-- PUB5 Beta (Composition of WMO) team
Comments
Today I'm receiving these
Today I'm receiving these emails from all my Drupal sites ... Without asking to reset ?
Discussion about this
https://www.drupal.org/project/drupal/issues/2939720
Just saw the link to the
Just saw the link to the discussion. Going there next