site wide security reset process?

i am wondering what is the simplest way to trigger a site-wide password reset, in the event that the site security is compromised (hacking)?

once any security issues are resolved, there needs to ideally be a way of triggering all members to reset their password at least..

has anyone coded a process for this?


  • not that I'm aware of, but you could do a simple batch process to generate new random passwords and email them out.  Or if you don't want to email them, basically invalidate all passwords and post a notice on the login form letting people know they should use the forgot password function.

  • i think the 2nd option is most efficient and simple.. i have no need to do this presently.. i was motivated to ask as i received a mail from another website who were doing this and wondered what i would do in that situation.