WordPress Two Factor Authentication (CMAUTH) - How To - Restrict User Login By Number of Devices
Restricting User Login by Number of Devices
By number of devices | By number of IPs
What is This Feature?
With the WordPress Two Factor Authentication plugin, you can restrict certain user roles from logging in from too many different devices.
How It Works:
- You set how many devices types are allowed for each user role
- When a user logs in, his user agent is registered
- If the user tries to log in using a new device and the device quota is full, the attempt will be blocked
The plugin identifies each device by device type+browser. For example, pc-Chrome
Use Case: Only Two Devices At a Time
Let's say John Doe has an Editor role and access to sensitive information. He shares the account with Jane.
- Enable "Restrict user devices"
- Limit the amount for Editor users
- Set "Maximum number of devices allowed to user" to 2.
Now, John's account can only be used from two specific devices - the first ones he used to log in
Head to Admin Dashboard → CM Secure Login → Device tab.
- Restrict user devices - Enables the feature.
- User roles - Mark which roles will be affected.
- Maximum numbers of devices allowed by users - Choose a number, 1 or higher.
Specifying Devices For Each User - Details
You can also choose which user agents can log in to each user account.
Start by editing that user from Admin Dashboard → Users → All Users → Edit the relevant user.
Scroll down to the "CM Secure Login: Protection by devices" section.
- Check how many devices are allowed
- Enable or disable specific user agents and delete them from the list
- Save the current selection of user agents
Trying to enable an invalid number of devices will result in an error.