Lockout Options
When using login lockout, it is recommended that you set WP-Members to use the WP login error object instead of WP-Members default login error. This can be enabled in the WP-Members main Options tab.
When login lockout is enabled in the Security Options, you will have an additional settings tab – Login Lockout. This will allow you to set the following:
Max Login Retries
This is the number of retries a user can have within the set amount of time (specified in “Retry Time Period Restriction”)
Retry Time Period Restriction
Amount of time that determines a log lockout. For if “Max Login Retries” is set to 3 and “Retry Time Period Restriction” is set to 10, then if a user has 3 failed login attempts in a 10 minute period, they will be locked out for the lockout length period (defined below).
Lockout Length
The period of time a user will be locked out once a lockout is triggered (based on max retries in the retry time period; see above). The default is 60 minutes (1 hour). This setting is in minutes only!
Managing Locked Out Users
You can manage locked out users in Dashboard > User Lockouts.
This screen will list all user lockouts by user, email, and IP address. It will list the lockout time and unlock time.
If the user is an active lockout, there will be a red padlock displayed in the “Release” column. To manually remove a lockout from a user, click the padlock for that user and the lockout will be removed.