In what seems to be a flood of new development and releases lately, the WP-Members Security extension has been updated to 1.2.0. This update includes some great new features!
Anti-spam APIs Added
First, to coincide with the new WP-Members Stop Spam Registrations extension, the stopforumspam.com API has been added to the Security extension. The Akismet API has also been added. So you with the new 1.2.0 version, the IP address, email, and username of all new registrations can be checked against the stopforumspam.com data as well as Akisment data – either, or both.
Registration Honey Pot Improvement
Also on the anti-spam front, I’ve improved the honey pot feature. Previously, the hone pot was a fixed/static field name that was not displayed to human (browser) users. Beginning with version 1.2.0, this feature has been improved to set a random field name for your specific install. This will make it less penetrable by bots since they won’t know what the plugin’s honey pot field name is. To make this process a even more solid, the randomness is intended to look like regular words you would see in a field name, rather than just random values like a hash.
Failed Login Logging
The other big change is the introduction of failed login logging. This is optional, and when turned on it will keep a log of all failed logins – the username used, timestamp, user IP address, etc. It can also be set to send an admin notification when this occurs. I’ll be expanding this in future versions.
Previous Passwords Restriction
In addition to the existing feature of password expiration, this version adds the ability to require that a new password be unique. It can be set to a number of previous passwords, such as “You password cannot be one of your X previously used passwords.” It can also be set to require any password to be unique (i.e. the user has never used it before).