Actually, and this is unrelated, but on my Warcraft III clan's forums, there was a security loophole in phpBB (I know they don't use phpBB, which is why it's unrelated) that allowed anyone, if they knew what to do, to gain access to any recent poster's password. Here, we disabled guests from even viewing the forum in order to solve the problem (until it was later fixed with a phpBB patch).