NATS stores members' unencrypted and encrypted passwords by default. However, it also offers a feature that makes NATS only store a member's encrypted password for additional security. You can do this by setting the following configuration variable in nats/includes/config.php:
$config['MEMBERS_NO_UNENCRYPTED'] = 1;
- 0 - Stores the member's unencrypted password (default)
- 1 - Does not store the member's unencrypted password
Limiting Username & Password Length
To limit a member's username and password length, find the following code on the pre-join form template:
<TD class="join_name">Username:</TD><TD class="join_value"><input class="join_input" type="text"
name="signup[username:1:6:16:::username_check]" value="{$vars.username}">...
An important section to note is the following: [username:1:6:16:::username_check]
The fields between the colons above are: $name, $required, $min, $max, $compare, $ses_compare, $special, and $convert. Simply change the $max field to the maximum number of characters you would like to be accepted as a username or password.
Reusing Old Usernames
NATS also allows you to reuse old usernames by adding the following variable to your join form template:
<input type="hidden" name="signup[rename_old_member]" value="1">
