PeepSo Documentation

Login & Logout Options

PeepSo login and logout options are scattered on multiple locations to make more sense with backend layout and navigation.

Remember Me Option

Find this setting in WP Admin -> PeepSo -> Configuration under “Login & Logout” panel.
If enabled, every remember me option will be automatically checked.

Redirection Options

If you wish to redirect users after login or logout, you can do this in WP Admin -> PeepSo -> Configuration -> Navigation under “Login and Logout” panel.

Login Nonce Check

Since 2.7.7.
The admin can now disable the security nonce check during PeepSo login.
This should prevent PeepSo login failed error on highly cached systems, while using third-party caching plugins like WP Rocket, W3 Total Cache, Litespeed, or other similar plugins that return login failed error during the login, since PeepSo will stop validating the (potentially over-cached) security login nonce. Using this setting is generally not recommended, as it lowers the systems resilience against brute force attacks, but it will be reasonably safe in a properly configured and secure environment with brute force protection enabled.

Find this option in WP Admin -> PeepSo -> Configuration -> Advanced under the Login Security panel

Brute Force Protection Settings

  • Minimum password length
    Applies only to new passwords. This was introduced as a setting after a user pointed out on our registration there’s just a simple 6 character password being required. We made this configurable with a new default minimum of at least 10 characters per password. The minimum password length is a new feature and not really related directly to the brute force settings. Nevertheless, it is related to login security. It doesn’t matter whether the brute force protection is enabled or not, the minimum password length setting is self-contained.
  • Block login after
    Maximum failed attempts allowed.
  • Block for
    hours: minutes – how long to block login attempts after the above limit is reached.
  • Email Notification
    Send an e-mail notification to the user, warning them about failed login attempts.
  • Enable additional block after
    Additional security when users block themselves repeatedly.
  • Additional block length
    How long to block login attempts when additional security is triggered.
  • Reset retries after
    How long it takes for the system to “forget” about a failed login attempt.
  • IP whitelist
    list of IP addresses whitelisted from brute-force protection, one IP per line

Resetting Password

since 2.8.0.0, admin can now define a custom delay between password reset requests (brute force protection). You can find this setting in WP Admin -> PeepSo -> Configuration -> Advanced -> Security panel

Note: All these settings will only work on PeepSo login forms and PeepSo widgets. This settings will not take effect if you decide to use third-party login forms or widgets.