Melapress Login Security

2.3.0 (2026-01-26)

• New features

  • Added a new feature to manually lock users and prevent them from logging in.
  • Added a new setting in the Temporary logins setting to exclude temp users from 2FA enforcement.
  • Implemented a custom plugin deactivation form to assist with user feedback collection.
  • Implemented a new setting that allows admins to control the number of password reset emails sent on login attempts to user with expired passwords.

• Plugin improvements

  • Refactored the Freemius SDK licensing components for better maintainability.
  • Improved the help texts across multiple plugin pages and fixed some typos and made them more consistent and clear.
  • Updated some URLs in the Free edition “Premium features” page, and added a few more help texts across the plugin.

• Bug fixes

  • Fixed: A visual bug affecting Reports page when there are no users present in the tabs.
  • Fixed: A variety of user-reported PHP warnings Warning: Attempt to read property “ID” on false inside /class-failed-logins.php.
  • Fixed: User exclusion dropdown on Settings page now correctly extracts user suggestion while typing.
  • Fixed: an edge case where unlocked users with WP 2FA could login without required password reset.
  • Fixed: Fixed a few bugs related to the “Reset all users” feature affecting email deliverability of password reset emails.
  • Fixed: a user-reported Fatal error: Uncaught TypeError: strtotime(): inside /app/class-melapress-login-security.php on line 497.
  • Fixed: {reset_url} tag now correctly generates password reset URL in email templates.
  • Fixed: Password expiry notice showing again after dismissal when “show again” option is disabled.

Refer to the complete plugin changelog for more detailed information about what was new, improved and fixed in previous version updates of Melapress Login Security.