coltwest

Yes, you can change those settings after the update. The issue here for me is that I have 147 websites using the pro version of the plugin and those sites have over 10,000+ users combined. Of course, many people have not changed their password in over 120 days and many do not have “strong passwords” as defined by WP. Security is important no doubt, but to have the new version of the plugin default to these settings being enforced when the current plugin settings have those settings disabled is over reaching the configuration the website owner/administrator has established.

Most of my customers (the website owners) elected to not have these settings enabled to begin with by choice. iThemes has taken away that choice with this update. Hopefully, iThemes will issue an update to not have these settings enabled by default and to respect the settings of the current plugin installation.

My workaround was to revert back to the prior iThemes Security Pro release en mass (via MainWP) and everything is good again. Thankfully, I had a copy of the prior release to use. I’ll just have to wait it out and see if iThemes comes to their senses and issues a quick fix.

• This reply was modified 4 years, 10 months ago by coltwest.