User account security module

[luisfer91]

Hi I coded a module which will block user account if there are more than 5 wrong attempts to enter in an account. ThE reason i coded this is because The script is vulnerable to brute forcé attacks in login, ive had several accounts which have been stolen.

This module prevents from accounts being stolen And blocks them after 5 attempts making the user have to use The forgot password page to access again to their account.

Im selling this module for 15$, comes with documentation and videotutorial in phpmyadmin to create a new column in users table

[Galaxian]

I really hope that this gets added to the original script...

[Mezo]

@Galaxian i hope it too

[Daxter]

Hello,

Was added on v2.1.0

Regards!

[sultime]

Hidden content for guests

This is correct

[igrok0075]

Hidden content for guests

Block on time ?, not amuse !, proxy to bypass such protection. When you just need to change ip, asking a security question.

[Damasc]

Hello,

Such a system have big disadvantages, if somebody wants to harm your website, in just few minutes it can make all your users to need to change their passwords. A big part from those users will hate this thing and will no longer activate on your site, in short time you will lose almost all your active users. Use it carefully!

[Daxter]

Hidden content for guests

I'm certainly agree with you! Brute-force attacks are surprisingly difficult to stop completely, they are easy to detect because each failed login attempt records an HTTP 401 status code in your server logs. It is important to monitor your log files for brute-force attacks in particular, the intermingled 200 status codes that mean the attacker found a valid password. Also we can prevent brute-force attack by using a captcha code. Anyway, with this new feature in PES Pro you can limit your exposure to these attacks. This is just the beginning. Perhaps the admin will develop this tools in better way in the future.

Regards!