Home › Forums › BulletProof Security Pro › Login Security feature request, Login Security Recommendations
Tagged: feature request, Login Security, recommendation
- This topic has 22 replies, 3 voices, and was last updated 7 years, 8 months ago by
AITpro Admin.
-
AuthorPosts
-
Young Master
ParticipantI have already update to verson 5.8.2. Thank you very much. I have got another recommendations for Login security feature. Can you make BPS Pro Log out users after being idle for a period of time. For example when someone logs in into my website an accidentally he/she forgets to logout. After maybe 15 minutes of no activity on that site that user account will be logged out.
AITpro Admin
KeymasterThis seems like a useful option so we will add it. It may or may not get into the next BPS Pro version release. That will depend on if all goals are completed for the next scheduled release of BPS Pro.
Young Master
ParticipantI will appreciate it. Which features are going to be introduced in the next release of BPS Pro if you dont mind.
AITpro Admin
KeymasterWe no longer announce this as it causes confusion and headaches for all involved. We follow a schedule and if things change based on priority then things change.
Young Master
ParticipantCan add you add this feature in login security that if someone wants to change password for his wordpress account he/she would be required to enter a current password instead of default wordpress password change option which doesnt require a user to enter a current password if he/she wants to change his/her password.
AITpro Admin
KeymasterCurrently the default way that WordPress handles password resets is the optimum way to handle this for a number of safety/security reasons. By default if a user wants to reset a password, a valid username or email address needs to be entered and a new password is automatically generated and sent to the user’s email address. There is no need to add an additional check to check the current password for this reason. Adding a feature/option like this would actually open up the possibility of exploits and vulnerabilities so this feature/option would not be added. Thank you for the suggestion.
Young Master
ParticipantAm not talking about password reset. Am talking about changing a password after successfully logged in. That option is available in the user’s profile.
AITpro Admin
KeymasterOh ok well we may expand BPS Pro to other areas, but for now we are concentrating on website security. Once all of our website security goals are achieved then we will look into adding other features such as this. Thanks.
-
AuthorPosts
- You must be logged in to reply to this topic.