• As always security and ease of use is a tradeoff. Even though I reduced the security settings on this my user where not able to login. One example: Many bruteforce attempts these days scans wordpress to find the valid usernames, then use that for BF attack. As a result my users was required to change password very often as the plugin forces “Forgot password” procedure on them on almost every login.
    I think the plugin is very good on a personal blog, and I would use it if we were only technical savvy users on my system.

Viewing 1 replies (of 1 total)
  • Plugin Author Daniel Convissor

    (@convissor)

    The plugin remembers valid users’ IP addresses when they change their password. There are two ways users would have to redo their passwords more than once:

    1) The user is coming from a different IP address

    2) You’re behind a load balancer or similar. See the installation instructions on how to resolve that.

Viewing 1 replies (of 1 total)
  • The topic ‘To secure for my users’ is closed to new replies.