currently our moodle (1.9.2) exports with the course-backup possibility all users with their encrypted passwords even the admin accounts. Allthough it is difficult to decrypt these, a brute-force-attack might work.
Is there a possibility to prevent the course owners from exporting their course with the account infos? We have already searched the configuration and couldnt find anything.
Security and privacy
Exporting all users with passwords?
This discussion has been locked because a year has elapsed since the last post. Please start a new discussion topic.