Account Shield - Magento 2
Account Shield Magento 2 module is implements the user authentication security methods such Account Lockout, Password Expiry etc outside Default Magento 2 protection engine.
- Prevent a Customer or an Admin user fails certain number of login attempts due to invalid password then that user's account will be locked out for certain time period.
- Configured maximum login attempts in Admin.
- Unlock those account were marked as Locked.
- Slowing down online password guessing attacks.
- Protect from the spam bot attacks etc.
- Of course, this protection was outside from default Implemented Magento Security Modules
Configure and Manage the Account Shield
- Enable - Enable or disable an Account Lockout.
- Threshold - Number of consecutive failed sign in attempts. (Default is 3).
- Interval Duration - Number of seconds defined how long an account will remain as locked out (Default is 900 Seconds)
Installation with Composer
- Connect to your server with SSH
- Navigation to your project and run these commands
composer require ghoster/accountshield php bin/magento setup:upgrade rm -rf pub/static/* rm -rf var/* php bin/magento setup:static-content:deploy
Installation without Composer
- Download the files from github: Direct download link
- Extract archive and copy all directories to app/code/GhoSter/AccountShield
- Go to project home directory and execute these commands
php bin/magento setup:upgrade rm -rf pub/static/* rm -rf var/* php bin/magento setup:static-content:deploy
If this project help you reduce time to develop, you can give me a cup of coffee :)