magenxcommerce / module-security
Security management module
Installs: 143
Dependents: 5
Suggesters: 0
Security: 0
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Type:magento2-module
Requires
- php: ~7.3.0||~7.4.0
- magenxcommerce/framework: 103.0.*
- magenxcommerce/module-backend: 102.0.*
- magenxcommerce/module-config: 101.2.*
- magenxcommerce/module-store: 101.1.*
- magenxcommerce/module-user: 101.2.*
Suggests
- magenxcommerce/module-customer: 103.0.*
Replaces
- magento/module-security: *
- dev-placeholder
- dev-default
- dev-2.4.3-release
- 100.4.3.x-dev
- 100.4.3-p1
- 100.4.3
- 100.4.2.x-dev
- 100.4.2-p2
- 100.4.2-p1
- 100.4.2
- 100.4.1.x-dev
- 100.4.1-p1
- 100.4.1
- 100.4.0.x-dev
- 100.4.0-p1
- 100.4.0
- 100.3.6.x-dev
- 100.3.6-p2
- 100.3.6-p1
- 100.3.6
- 100.3.5.x-dev
- 100.3.5-p1
- 100.3.5
- 100.3.4.x-dev
- 100.3.4-p2
- 100.3.4
- 100.3.3.x-dev
- 100.3.3
- 100.3.2.x-dev
- 100.3.2
- 100.3.1.x-dev
- 100.3.1
- 100.3.0.x-dev
- 100.3.0
- 100.2.8.x-dev
- 100.2.8
- 100.2.7.x-dev
- 100.2.7
- 100.2.5.x-dev
- 100.2.5
- 100.1.6.x-dev
- 100.1.6
- 2.4.3.x-dev
- 2.4.2.x-dev
- 2.4.1.x-dev
- 2.4.0.x-dev
- 2.3.7.x-dev
- 2.3.6.x-dev
- 2.3.5.x-dev
- 2.3.4.x-dev
- 2.3.3.x-dev
- 2.3.2.x-dev
- 2.3.1.x-dev
- 2.3.0.x-dev
- dev-100.3.6-p1
- dev-100.3.6-p2
- dev-100.3.4-p2
- dev-100.4.0-p1
- dev-100.3.5-p1
- dev-100.4.1-p1
- dev-100.4.2-p1
- dev-100.4.2-p2
- dev-100.4.3-p1
- dev-2.3.6-p1
- dev-2.4.1-p1
- dev-2.4.2-p1
- dev-2.4.2-p2
- dev-2.4.3-p1
- dev-2.4.3-p2
- dev-2.3.7-p1
- dev-2.3.7-p2
This package is auto-updated.
Last update: 2024-10-21 11:33:25 UTC
README
Security management module Main features:
- Added support for simultaneous admin user logins with ability to enable/disable the feature, review and disconnect the list of current logged in sessions
- Added password complexity configuration
- Enhanced security to prevent account takeover for sessions opened on public computers and similar:
- Password confirmation for all critical flows (like password, email change)
- Lockout of the account after a configurable amount of incorrect login/password entries
- Password Change functionality is enhanced by email and/or ip address by frequency, number and requests per hour limitation
- Change password link becomes invalid after the first use or after a configurable amount of time
- Password/email change notifications are sent to both old and new email addresses
- Fixed: the password is not being reset until the new password is submitted via the form available by a one time link sent to the email address