ivankruchkoff
2 usefull suggestions
Hello Ivan,
First of all, thanks for this plugin. This post is my first one on GitHub. I've 2 main suggestions that could improve your plugin and that I need as I suppose, many WP users. I appreciate the simpliest way your plugin provide the function to reach.
1. Login restriction: To set up an exclusive login per user
Any time I log even my administrator account, WP let me know on my WP Profil, that other connection have been done in the same time (that happen after some other more manual connection done during the last year). This problem make an other plugin unusable. "Two Authentification Factor" occur an error about wrong TOTP code even not dialed). Yours is working almost fine actually. That issue is due to my specific context, but it remains possible for others (I've escalate general major securities issues about 2FA for PhpMyAdmin to hoster like OVH that block currently this possibility available from PhPMyAdmin). This kind of huge hosters let exposed ftp login prompt to brute force attacks that let the login information accessible as well to PhpMyAdmin (any user has to be desactivated for the moment despite the problems that occur for a website administrator). Your plugin after setting up of a prefered IP connection, could make possible to add an exclusive One User Connection /time. I mean to let connection happen, and then to close any other and prohibit any other dual connection with the connected user account.
2. Usefull extended function: Make 2FA possible to set for any role
Roles like "customer" that haven't access to the WP dashboard due for instance to Woocommerce rules. Could you make the 2FA adjustable directly thanks a shortcode to use from the frontend (on the "my-account" page of woocommerce for example? That would be a real "+" for your plugin. No problem for a user like me to pay for your plugin and thanks anyway for your consideration of this e-mail.
Best regards,
