You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Florian Eisenmenger
41ccc32b5d
|
2 年之前 | |
|---|---|---|
| .. | ||
| Api/Data | 2 年之前 | |
| Block | 2 年之前 | |
| Controller/Adminhtml/Session | 2 年之前 | |
| Model | 2 年之前 | |
| Observer | 2 年之前 | |
| Setup/Patch/Data | 2 年之前 | |
| Test | 2 年之前 | |
| etc | 2 年之前 | |
| i18n | 2 年之前 | |
| view | 2 年之前 | |
| LICENSE.txt | 2 年之前 | |
| LICENSE_AFL.txt | 2 年之前 | |
| README.md | 2 年之前 | |
| composer.json | 2 年之前 | |
| registration.php | 2 年之前 | |
README.md
Security
Security management module Main features:
- Added support for simultaneous admin user logins with ability to enable/disable the feature, review and disconnect the list of current logged in sessions
- Added password complexity configuration
- Enhanced security to prevent account takeover for sessions opened on public computers and similar:
- Password confirmation for all critical flows (like password, email change)
- Lockout of the account after a configurable amount of incorrect login/password entries
- Password Change functionality is enhanced by email and/or ip address by frequency, number and requests per hour limitation
- Change password link becomes invalid after the first use or after a configurable amount of time
- Password/email change notifications are sent to both old and new email addresses
- Fixed: the password is not being reset until the new password is submitted via the form available by a one time link sent to the email address