Topic: Login Security feature request, Login Security Recommendations

Login Security feature request, Login Security Recommendations

Tagged: feature request, Login Security, recommendation

This topic has 22 replies, 3 voices, and was last updated 9 years, 6 months ago by AITpro Admin.

Viewing 8 posts - 16 through 23 (of 23 total)

← 1 2

Author

Posts
May 15, 2013 at 8:39 am #5705
Young Master
Participant

I have already update to verson 5.8.2. Thank you very much. I have got another recommendations for Login security feature. Can you make BPS Pro Log out users after being idle for a period of time. For example when someone logs in into my website an accidentally he/she forgets to logout. After maybe 15 minutes of no activity on that site that user account will be logged out.
May 15, 2013 at 8:51 am #5706
AITpro Admin
Keymaster

This seems like a useful option so we will add it. It may or may not get into the next BPS Pro version release. That will depend on if all goals are completed for the next scheduled release of BPS Pro.
May 15, 2013 at 8:56 am #5707
Young Master
Participant

I will appreciate it. Which features are going to be introduced in the next release of BPS Pro if you dont mind.
May 15, 2013 at 9:07 am #5708
AITpro Admin
Keymaster

We no longer announce this as it causes confusion and headaches for all involved. We follow a schedule and if things change based on priority then things change.
May 16, 2013 at 5:38 am #5740
Young Master
Participant

Can add you add this feature in login security that if someone wants to change password for his wordpress account he/she would be required to enter a current password instead of default wordpress password change option which doesnt require a user to enter a current password if he/she wants to change his/her password.
May 16, 2013 at 8:23 am #5745
AITpro Admin
Keymaster

Currently the default way that WordPress handles password resets is the optimum way to handle this for a number of safety/security reasons. By default if a user wants to reset a password, a valid username or email address needs to be entered and a new password is automatically generated and sent to the user’s email address. There is no need to add an additional check to check the current password for this reason. Adding a feature/option like this would actually open up the possibility of exploits and vulnerabilities so this feature/option would not be added. Thank you for the suggestion.
May 16, 2013 at 12:56 pm #5765
Young Master
Participant

Am not talking about password reset. Am talking about changing a password after successfully logged in. That option is available in the user’s profile.
May 16, 2013 at 1:16 pm #5766
AITpro Admin
Keymaster

Oh ok well we may expand BPS Pro to other areas, but for now we are concentrating on website security. Once all of our website security goals are achieved then we will look into adding other features such as this. Thanks.
Author

Posts

Viewing 8 posts - 16 through 23 (of 23 total)

← 1 2

You must be logged in to reply to this topic.

BulletProof Security Forum

Login Security feature request, Login Security Recommendations

Search Forums

Topic Tags