In a hotfix, XG firewall notifies local firewall users (AD, LDAP, RADIUS, TACACS+ users are not affected) whose password has not been changed since April 25, 2020, that they must change their password. This action allows administrators to change all affected user passwords proactively, in a way that is safe to communicate to the end users. It will append a token value to the end of the existing password. Users will then be able to login by typing their current password, and the added token value. This way, admins can be sure that insecure or compromised credentials do not pose an immediate risk.