When I try to change my password to the admin interface (not the DB password), I select Yes on Update It (for Password), and get an error message appearing briefly
“Error sending password change token. Changes Saved”
Logging out and I still can login with my old password. If I then try “Forgot Password”, I get the same message “Error sending password change token”.
I then upgraded from 3.3.7 to 3.4.1 and still get the same behavior.
I think we were hacked yesterday as I’m getting a lot of bounce-back of spam emails apparently sent from my server yesterday. The bounce backs show phplist header info tho there’s no trace I can find otherwise in PHPlist (none in campaigns, no new email lists, …)
Anyhow I changed all email passwords but need to change the admin passwords now. How can I do that?