We Adore Him has always taken adorer privacy seriously. Our default settings work well for most Catholic communities.
However, in the past, enabling the Directory page or the Global Access Code was possible without requiring new adorers to be manually approved by an administrator.
In practice, we found that this combination of settings can lead to a bad actor registering for an adorer account and then immediately gaining access to either (a) the names and contact information of all adorers or (b) the access code to the chapel.
We've always strongly encouraged pairing these features with the adorer approval workflow; however, some chapels did not and fell victim to bad actors doing things like text phishing scams.
Starting today, administrators must enable the adorer approval workflow to use the Directory page or Global Access Code features.
Please note: If you don't use these two features, you don't need to enable the adorer approval workflow. New adorer accounts, even if automatically approved, are limited in what they have access to. Still, we encourage you to review the various privacy-related settings.
We also encourage administrators and captains to contact new adorers before approving their adorer accounts.