Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.
By Brian.Harris on
Let me start of by saying i maybe using the wrong terminology in my title, but essentially this is what i'm looking for.
User A: logs into drupal using "example" username.
User B: hacks/guess's the password for "example" and logs in.
Both logged in at the same time.
Is there anyway to to prevent this from happening? or possible if the user has logged in from multiple ip address within x minutes lock the account?
I've looked through the security modules and it doesn't look like anyone has done this.
any insight would be great. this could really be a cool and useful module for us security minded admins.
Comments
Module that limits the number of concurrent sessions
There is a module to limit the number of concurrent sessions that a single user can have with the option to log-off other sessions on subsequent logon.
http://drupal.org/project/session_limit
-----
iDonny Productions: Accessibility & Web Standards-based Design & Devt., CMS & Web Branding
Thanks so much. this is a
Thanks so much. this is a great starting point. i'll have to modify the code to make it do what i want.
thanks again.