Support

Admin Tools

#11295 Email on succesful frontend login

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by user58212 on Tuesday, 28 February 2012 04:31 CST

Tuesday, 28 February 2012 02:01 CST

user58212
Hi Nikolas,

Would it be a nice feature if it where posible to get mails from admintools whenever someone succesfully logs in to the frontend, including userid password?

It would help me monitor the site better when i know which users login to the frontend.

Of course i can see there last login dates and time in the backend, but this would be nice i think.

thanx again,

roy

Tuesday, 28 February 2012 03:02 CST

nicholas
Well, I would never create a feature which would give you the password of a successful login. That would be extremely insecure. Having an email everytime someone logs in to your site? This is not a very good idea and certainly not an exact science. It would only show you who has used the login form. If they are returning visitors (their session expired but they have a "Remember me" cookie) they are silently logged in. This won't be caught by any Joomla! plugin. Moreover, getting an email every time someone logs in will result in an avalanche of emails and I can't see any security benefit from that. It just sounds as if you want to collect all users' passwords?!

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Tuesday, 28 February 2012 03:15 CST

user58212
Hi,

well, no i do not want to collect the passwords. I just thought it would me a nice feature if you could activly see which users used the form.

Of course the emails when users login incorrectly are super and enough.

I just had i thought that it would be usefull.
But you are right saying it could be an avalanche of mails.

thanx for thinking with me and untill next time :-)

roy

Tuesday, 28 February 2012 03:53 CST

nicholas
I had originally (read: 18 months ago) thought of using a log table to log who logs in and when. The problem is, the table would fill up with hundreds of thousands of records. In the meantime I found out that it didn't give me any useful analytics, so I scrapped that idea. Instead, searching the server access logs for the login form's target URL is a good measure of how many people try to log in in a given period of time. Maybe that's what you're looking for?

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Tuesday, 28 February 2012 04:13 CST

user58212
Yep that is also possible.
I can also just look in de user manager of joomla to see when someone logged in.
maybe in time you could make a sort of a scanner which accesses this info and displays a list of loggins?

the thing is that scanning the access log is not as easy as just having the component display who logged on in a table.

or maybe your idea can be used but with an auto purge option which purges the logging table so that it only had last months logging?

Tuesday, 28 February 2012 04:22 CST

nicholas
Well, the access log is a plain text file, but it's inaccessible to Joomla!, ergo what you ask is not possible. You can, however, scan it very easily manually. Logging logins does not serve any security purpose, therefore that's not a feature I am particularly interested in including in Admin Tools. The only security-related logging which makes sense is a. failed login attempts (can indicate someone trying to brute force your username/password) and b. administrator logins. Both are being logged by Admin Tools, so I consider the login-related features complete.

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Tuesday, 28 February 2012 04:31 CST

user58212
Yes i think you are right.
Let forget the idea i had :-)

Until another idea hits me i wish you a good day,
roy

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!