Login Security Solution
[resolved] Limiting password strength to certain roles (2 posts)

  1. Ross t
    Posted 2 years ago #

    This is more a question / feature suggestion.

    Not all users are created equal, some have access to the administration system, whilst others only have accounts to make comments on blog posts.

    Do you think it would be a worthy feature to restrict the password strength and expirations to only certain roles, like administrators and editors?

    This would mean subscribers would not have expiring passwords, but those with access to the administration system would be forced to use strong expiring password.


  2. Daniel Convissor
    Plugin Author

    Posted 1 year ago #

    Hi Ross:

    That's an interesting idea. A concern I have is that while someone may have low level permissions now, their role could be elevated in the future. So then they'd have power and a weak password. I guess it might be possible to require a password reset when elevating privileges, but that'd be be a project which I don't have time for at the moment, sorry.

    Thanks for contributing your thoughts,


Topic Closed

This topic has been closed to new replies.

About this Plugin

  • Login Security Solution
  • Frequently Asked Questions
  • Support Threads
  • Reviews

About this Topic