Prevent users from logging in to your Drupal site unless they know the secret key to add to the end of the ?q=user login form page.

If a user does find out about the secret key they will still have their user account role checked during authentication. If they do not have the 'bypass disabled login' granted they will be refused access and displayed a customisable "denied" message.

Project Information

Downloads