Home › Forums › BulletProof Security Pro › Login Security feature request, Login Security Recommendations
Tagged: feature request, Login Security, recommendation
- This topic has 22 replies, 3 voices, and was last updated 10 years, 11 months ago by AITpro Admin.
-
AuthorPosts
-
Young MasterParticipant
I have already update to verson 5.8.2. Thank you very much. I have got another recommendations for Login security feature. Can you make BPS Pro Log out users after being idle for a period of time. For example when someone logs in into my website an accidentally he/she forgets to logout. After maybe 15 minutes of no activity on that site that user account will be logged out.
AITpro AdminKeymasterThis seems like a useful option so we will add it. It may or may not get into the next BPS Pro version release. That will depend on if all goals are completed for the next scheduled release of BPS Pro.
Young MasterParticipantI will appreciate it. Which features are going to be introduced in the next release of BPS Pro if you dont mind.
AITpro AdminKeymasterWe no longer announce this as it causes confusion and headaches for all involved. We follow a schedule and if things change based on priority then things change.
Young MasterParticipantCan add you add this feature in login security that if someone wants to change password for his wordpress account he/she would be required to enter a current password instead of default wordpress password change option which doesnt require a user to enter a current password if he/she wants to change his/her password.
AITpro AdminKeymasterCurrently the default way that WordPress handles password resets is the optimum way to handle this for a number of safety/security reasons. By default if a user wants to reset a password, a valid username or email address needs to be entered and a new password is automatically generated and sent to the user’s email address. There is no need to add an additional check to check the current password for this reason. Adding a feature/option like this would actually open up the possibility of exploits and vulnerabilities so this feature/option would not be added. Thank you for the suggestion.
Young MasterParticipantAm not talking about password reset. Am talking about changing a password after successfully logged in. That option is available in the user’s profile.
AITpro AdminKeymasterOh ok well we may expand BPS Pro to other areas, but for now we are concentrating on website security. Once all of our website security goals are achieved then we will look into adding other features such as this. Thanks.
-
AuthorPosts
- You must be logged in to reply to this topic.