Àpèjúwe

Guard Dog is a comprehensive security plugin designed to protect your WordPress site from unauthorized access and brute-force attacks. With features like custom login URLs, two-factor authentication, and multiple CAPTCHA providers, Guard Dog provides enterprise-level security for any WordPress site.

Key Features:

Custom Login URLs Ìtumọ̀ Yorùbá: – Hide your wp-admin and wp-login.php from attackers
Two-Factor Authentication (2FA) Ìtumọ̀ Yorùbá: – TOTP-based authentication with recovery codes
Social Login (OAuth) Ìtumọ̀ Yorùbá: – Sign in with Google, Microsoft, or Apple
Passkeys Ìtumọ̀ Yorùbá: – Use device-based biometric authentication like Face ID, Touch ID or Windows Hello
Multiple CAPTCHA Providers Ìtumọ̀ Yorùbá: – Support for Google reCAPTCHA v2/v3, hCaptcha, and Cloudflare Turnstile
Login Attempt Limiting Ìtumọ̀ Yorùbá: – Prevent brute-force attacks with intelligent lockout
Access Control Ìtumọ̀ Yorùbá: – IP-based whitelist/blacklist protection
Activity Monitoring Ìtumọ̀ Yorùbá: – Comprehensive logging of security events
Temporary User Access Ìtumọ̀ Yorùbá: – Create temporary WordPress users with time-limited, secure access
User Management Ìtumọ̀ Yorùbá: – Advanced user permission controls

Why Choose Guard Dog?

Privacy-Focused Ìtumọ̀ Yorùbá: – Multiple CAPTCHA options including privacy-first providers
WordPress.org Compliant Ìtumọ̀ Yorùbá: – Built following WordPress coding standards
Enterprise-Ready Ìtumọ̀ Yorùbá: – Scalable features suitable for any site size
User-Friendly Ìtumọ̀ Yorùbá: – Intuitive interface with helpful documentation
Regular Updates Ìtumọ̀ Yorùbá: – Actively maintained and updated

Perfect For:

Business websites requiring enhanced security
WordPress sites handling sensitive data
Multi-user sites with complex access requirements
Anyone wanting comprehensive protection without complexity

Additional Information

Support:
For support questions, please use the WordPress.org support forums.

Privacy:
Guard Dog respects user privacy and offers multiple privacy-focused CAPTCHA options. No data is transmitted to third parties except for CAPTCHA verification when enabled.

Security:
Guard Dog follows WordPress security best practices and undergoes regular security audits. All user input is sanitized and all output is escaped.

Third-Party Services

Guard Dog integrates with the following third-party services to provide CAPTCHA protection. These services are optional and only used when CAPTCHA features are enabled.

Google reCAPTCHA (v2 and v3)

What it is: GoogleÌtumọ̀ Yorùbá: ’s CAPTCHA service that helps protect websites from spam and abuse.

What itÌtumọ̀ Yorùbá: ’s used for:
Ìtumọ̀ Yorùbá: – Verifying that login, registration, and password reset attempts are made by humans
Ìtumọ̀ Yorùbá: – Preventing automated bot attacks on your WordPress forms

What data is sent and when:
Ìtumọ̀ Yorùbá: – User interaction data (mouse movements, time spent on page) when CAPTCHA is solved
Ìtumọ̀ Yorùbá: – IP address of the user
Ìtumọ̀ Yorùbá: – Site domain for verification
Ìtumọ̀ Yorùbá: – CAPTCHA response token

Privacy and Terms:
Ìtumọ̀ Yorùbá: – Google reCAPTCHA Privacy Policy
Ìtumọ̀ Yorùbá: – Google reCAPTCHA Terms of Service
Ìtumọ̀ Yorùbá: – Google reCAPTCHA Data Usage

Cloudflare Turnstile

What it is: CloudflareÌtumọ̀ Yorùbá: ’s privacy-first CAPTCHA alternative that doesnÌtumọ̀ Yorùbá: ’t require user interaction.

What itÌtumọ̀ Yorùbá: ’s used for:
Ìtumọ̀ Yorùbá: – Invisible verification of human users during login, registration, and password reset
Ìtumọ̀ Yorùbá: – Privacy-focused protection without tracking or cookies

What data is sent and when:
Ìtumọ̀ Yorùbá: – Non-interactive browser signals when forms are submitted
Ìtumọ̀ Yorùbá: – IP address for verification
Ìtumọ̀ Yorùbá: – Site domain for validation

Privacy and Terms:
Ìtumọ̀ Yorùbá: – Cloudflare Privacy Policy
Ìtumọ̀ Yorùbá: – Cloudflare Terms of Service
Ìtumọ̀ Yorùbá: – Turnstile Documentation

hCaptcha

What it is: A privacy-focused CAPTCHA service that doesnÌtumọ̀ Yorùbá: ’t track users across websites.

What itÌtumọ̀ Yorùbá: ’s used for:
Ìtumọ̀ Yorùbá: – Human verification during login, registration, and password reset forms
Ìtumọ̀ Yorùbá: – Privacy-conscious alternative to Google reCAPTCHA

What data is sent and when:
Ìtumọ̀ Yorùbá: – User interaction with CAPTCHA challenge
Ìtumọ̀ Yorùbá: – IP address for verification
Ìtumọ̀ Yorùbá: – Site domain for validation

Privacy and Terms:
Ìtumọ̀ Yorùbá: – hCaptcha Privacy Policy
Ìtumọ̀ Yorùbá: – hCaptcha Terms of Service
Ìtumọ̀ Yorùbá: – hCaptcha Data Processing

Google OAuth (Social Login)

What it is: GoogleÌtumọ̀ Yorùbá: ’s OAuth 2.0 service that allows users to sign in using their Google account.

What itÌtumọ̀ Yorùbá: ’s used for:
Ìtumọ̀ Yorùbá: – Authenticating WordPress users via their Google account
Ìtumọ̀ Yorùbá: – Retrieving basic profile information (name, email) to link or create accounts

What data is sent and when:
Ìtumọ̀ Yorùbá: – User is redirected to GoogleÌtumọ̀ Yorùbá: ’s authorization server when clicking “Sign in with Google”
Ìtumọ̀ Yorùbá: – An authorization code is exchanged for an access token on your server
Ìtumọ̀ Yorùbá: – Basic profile information (name, email, Google user ID) is retrieved from GoogleÌtumọ̀ Yorùbá: ’s API
Ìtumọ̀ Yorùbá: – No ongoing data sharing Ìtumọ̀ Yorùbá: – data is only retrieved during the login process

Privacy and Terms:
Ìtumọ̀ Yorùbá: – Google OAuth Privacy Policy
Ìtumọ̀ Yorùbá: – Google OAuth Terms of Service
Ìtumọ̀ Yorùbá: – Google API Services User Data Policy

Microsoft Azure AD (Social Login)

What it is: MicrosoftÌtumọ̀ Yorùbá: ’s OAuth 2.0 service via Azure Active Directory that allows users to sign in using their Microsoft account.

What itÌtumọ̀ Yorùbá: ’s used for:
Ìtumọ̀ Yorùbá: – Authenticating WordPress users via their personal Microsoft account or organizational (work/school) account
Ìtumọ̀ Yorùbá: – Retrieving basic profile information (name, email) to link or create accounts

What data is sent and when:
Ìtumọ̀ Yorùbá: – User is redirected to MicrosoftÌtumọ̀ Yorùbá: ’s authorization server when clicking “Sign in with Microsoft”
Ìtumọ̀ Yorùbá: – An authorization code is exchanged for an access token and ID token (JWT) on your server
Ìtumọ̀ Yorùbá: – Basic profile information (name, email, Azure object ID) is extracted from the ID token
Ìtumọ̀ Yorùbá: – No ongoing data sharing Ìtumọ̀ Yorùbá: – data is only retrieved during the login process

Privacy and Terms:
Ìtumọ̀ Yorùbá: – Microsoft Privacy Statement
Ìtumọ̀ Yorùbá: – Microsoft Services Agreement
Ìtumọ̀ Yorùbá: – Microsoft Identity Platform Documentation

Apple Sign In (Social Login)

What it is: AppleÌtumọ̀ Yorùbá: ’s OAuth 2.0 / OpenID Connect service that allows users to sign in using their Apple ID.

What itÌtumọ̀ Yorùbá: ’s used for:
Ìtumọ̀ Yorùbá: – Authenticating WordPress users via their Apple ID
Ìtumọ̀ Yorùbá: – Retrieving basic profile information (name, email) to link or create accounts

What data is sent and when:
Ìtumọ̀ Yorùbá: – User is redirected to AppleÌtumọ̀ Yorùbá: ’s authorization server when clicking “Sign in with Apple”
Ìtumọ̀ Yorùbá: – An authorization code is exchanged for an access token and ID token (JWT) on your server
Ìtumọ̀ Yorùbá: – Basic profile information (email, user ID) is extracted from the ID token
Ìtumọ̀ Yorùbá: – UserÌtumọ̀ Yorùbá: ’s name is only provided on first authorization; subsequent logins return only the user ID
Ìtumọ̀ Yorùbá: – Apple may provide a private relay email address instead of the userÌtumọ̀ Yorùbá: ’s real email
Ìtumọ̀ Yorùbá: – No ongoing data sharing Ìtumọ̀ Yorùbá: – data is only retrieved during the login process

Privacy and Terms:
Ìtumọ̀ Yorùbá: – Apple Privacy Policy
Ìtumọ̀ Yorùbá: – Sign in with Apple Guidelines
Ìtumọ̀ Yorùbá: – Apple Developer Program License Agreement

TOTP (Time-based One-Time Password) Standard

What it is: An open standard (RFC 6238) for generating time-based one-time passwords used in two-factor authentication.

What itÌtumọ̀ Yorùbá: ’s used for:
Ìtumọ̀ Yorùbá: – Generating secure, time-limited authentication codes for 2FA
Ìtumọ̀ Yorùbá: – Providing backup authentication when primary 2FA methods are unavailable
Ìtumọ̀ Yorùbá: – Enabling compatibility with popular authenticator apps (Google Authenticator, Authy, Microsoft Authenticator, etc.)

What data is sent and when:
Ìtumọ̀ Yorùbá: – No external data transmission Ìtumọ̀ Yorùbá: – TOTP codes are generated locally using the TOTP algorithm
Ìtumọ̀ Yorùbá: – Secret key generation Ìtumọ̀ Yorùbá: – A unique secret key is generated locally when 2FA is enabled for a user
Ìtumọ̀ Yorùbá: – QR code generation Ìtumọ̀ Yorùbá: – QR codes are generated locally for easy setup with authenticator apps
Ìtumọ̀ Yorùbá: – Code verification Ìtumọ̀ Yorùbá: – Generated codes are verified locally against the stored secret key

Privacy and Terms:
Ìtumọ̀ Yorùbá: – RFC 6238 Ìtumọ̀ Yorùbá: – TOTP Standard
Ìtumọ̀ Yorùbá: – Google Authenticator Privacy Policy (if using Google Authenticator app)
Ìtumọ̀ Yorùbá: – Authy Privacy Policy (if using Authy app)
Ìtumọ̀ Yorùbá: – Microsoft Authenticator Privacy Policy (if using Microsoft Authenticator app)

Data Handling Summary

When CAPTCHA is disabled: No data is sent to any third-party services.

When CAPTCHA is enabled: Only the specific provider you choose receives verification data. Data is not shared between providers or stored by Guard Dog beyond the verification process.

When 2FA is disabled: No external data transmission occurs.

When 2FA is enabled:
Ìtumọ̀ Yorùbá: – All TOTP operations (code generation, verification) happen locally on your server
Ìtumọ̀ Yorùbá: – No data is transmitted to external services for 2FA functionality
Ìtumọ̀ Yorùbá: – Authenticator apps only receive the initial setup QR code or secret key
Ìtumọ̀ Yorùbá: – Recovery codes are generated locally and stored securely

When Social Login is disabled: No data is sent to any OAuth provider.

When Social Login is enabled:
Ìtumọ̀ Yorùbá: – Data is only sent to the configured providers (Google, Microsoft, Apple) during the login process
Ìtumọ̀ Yorùbá: – Only basic profile information (name, email, user ID) is retrieved
Ìtumọ̀ Yorùbá: – Social account links are stored locally in your WordPress database
Ìtumọ̀ Yorùbá: – Users can unlink their social accounts from their profile at any time

User control: Users can choose which CAPTCHA provider to use, or disable CAPTCHA entirely. 2FA can be enabled/disabled per user, and users can choose their preferred authenticator app. Social login can be enabled/disabled by administrators, and users can manage their linked social accounts. All security features are optional and configurable.

Àwọn àwòrán ìbòjú

Change your WordPress login URL to your own string
Limit login attempts and set lockout duration
Enable email and app-based two-factor authentication methods
2FA configuration from the user profile screen
Two-factor authentication on the login screen
Enable site-wide blocking, IP address blocking and username blocking
Create temporary user with granular access and expiration controls
Track site and system events with the Activity Log feature
Configure AWS SES, Mailgun, Resend, SendGrid, or Google as your email provider for two-factor messaging

Àwọn ìdí

Plugin yìí pèsè 2 àwọn ìdí.

Guard Dog Account Security
Guard Dog Login Form

Ìgbéwọlẹ̀

Upload the guard-dog folder to the /wp-content/plugins/ directory
Activate the plugin through the ‘Plugins’ menu in WordPress
Navigate to ‘Guard Dog’ in your admin menu to configure settings
Configure your desired security features step by step

Quick Setup:

Change Login URL: Set a custom login URL immediately after activation
Enable CAPTCHA: Choose and configure your preferred CAPTCHA provider
Configure 2FA: Set up two-factor authentication for enhanced security
Review Settings: Adjust login limits and access controls as needed

FAQ

What if I get locked out of my site?

Guard Dog includes a temporary access feature that generates secure bypass links. These can be created before lockout occurs. If youÌtumọ̀ Yorùbá: ’re already locked out, you can disable the plugin via FTP by renaming the plugin folder.

Which CAPTCHA provider should I choose?

Google reCAPTCHA v3 Ìtumọ̀ Yorùbá: – Invisible, best user experience
Google reCAPTCHA v2 Ìtumọ̀ Yorùbá: – Checkbox verification, widely supported
hCaptcha Ìtumọ̀ Yorùbá: – Privacy-focused alternative to Google
Cloudflare Turnstile Ìtumọ̀ Yorùbá: – Fast, privacy-first option

Is two-factor authentication required?

No, 2FA is optional but highly recommended. It can be enabled per-user and includes recovery codes for backup access.

Will this affect my site performance?

Guard Dog is optimized for performance. Features like database query optimization and intelligent caching ensure minimal impact on your site speed.

IÌtumọ̀ Yorùbá: ’m getting false “IP shift” alerts showing the same IP for every user

This happens when your site is behind a reverse proxy, CDN, or load balancer (common with hosts like Kinsta, WP Engine, Cloudflare, or AWS). The proxy sits between users and WordPress, so Guard Dog sometimes detects the proxyÌtumọ̀ Yorùbá: ’s IP instead of the real visitorÌtumọ̀ Yorùbá: ’s IP.

To fix this:

Go to Guard Dog > Sessions > Settings
Scroll to “Reverse Proxy / Load Balancer”
Set “IP Detection Method” to match your setup:
- Cloudflare Ìtumọ̀ Yorùbá: – if your site uses Cloudflare (most common)
- X-Forwarded-For Ìtumọ̀ Yorùbá: – for most other proxies (Kinsta, WP Engine, Nginx, AWS ELB)
- X-Real-IP Ìtumọ̀ Yorùbá: – if your server uses Nginx as a reverse proxy
- Auto Ìtumọ̀ Yorùbá: – tries all headers automatically (default, works for most sites)
- REMOTE_ADDR only Ìtumọ̀ Yorùbá: – only use if you have NO proxy (direct connections only)
Add your proxyÌtumọ̀ Yorùbá: ’s IP addresses to “Trusted Proxy IPs” (one per line, CIDR ranges supported)
Check the “Detected IP” row to verify your real IP is shown, not the proxy IP

Important: If you are unsure, leave the default “Auto” setting. Only change this if you are experiencing false IP shift alerts or if your hosting provider has instructed you to use a specific header. Misconfiguring this can cause Guard Dog to see incorrect IP addresses, which affects IP-based blocking, login attempt tracking, and activity logs.

How do I find my proxyÌtumọ̀ Yorùbá: ’s IP address?

If youÌtumọ̀ Yorùbá: ’re seeing false IP shift alerts, the alert email will contain the proxy IP (the “new IP” that keeps appearing). You can also check the “Detected IP” row on the Sessions settings page Ìtumọ̀ Yorùbá: – if it shows your proxyÌtumọ̀ Yorùbá: ’s IP instead of your real IP, that IP should be added to the Trusted Proxy IPs list. Common proxy IP ranges:

Cloudflare Ìtumọ̀ Yorùbá: – see CloudflareÌtumọ̀ Yorùbá: ’s IP ranges
Kinsta Ìtumọ̀ Yorùbá: – typically a Google Cloud IP (e.g., 34.x.x.x or 35.x.x.x)
AWS ELB/CloudFront Ìtumọ̀ Yorùbá: – check your AWS console for load balancer IPs
Private networks Ìtumọ̀ Yorùbá: – 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16

Does it work with other security plugins?

Guard Dog is designed to work alongside other security plugins, though we recommend testing in a staging environment first to avoid conflicts.

What external services does Guard Dog use?

CAPTCHA (when enabled): Google reCAPTCHA, hCaptcha, or Cloudflare Turnstile.
Email (when Email 2FA enabled): Amazon SES, Mailgun, Resend, SendGrid, or Google SMTP.
Social Login (when enabled): Google OAuth, Microsoft Azure AD, and Apple Sign In (authorization and user profile).
IP Reputation (when enabled): DNS only: Spamhaus ZEN, CBL (abuseat.org), dan.me.uk (Tor). Optional geo: ip-api.com or ipinfo.io; geo can be turned off to use only DNS.
Geolocation (country from IP): When CDN/proxy headers do not provide country, ip-api.com or ipapi.co may be used (e.g. access control, activity log).

For details, data flows, and privacy policies, see the Privacy & Data Usage documentation in the docs folder.

Àwọn àgbéyẹ̀wò

Phuong Tong Igbe 7, 2026

I just discovered this plugin. ItÌtumọ̀ Yorùbá: ’s fantastic.

tcviper Èrèlé 11, 2026 1 ìdáhùn

After searching for quite some time for all kinds of plugins that could help with 2FA and/or Passkeys support for wordpress without having to pay for yet another plugin I found this Guard Dog plugin and apart from some caching problems it has been working like a charm! Thank you so much!

Ka gbogbo àwọn àgbéyẹ̀wò 2

Àwọn Olùkópa & Olùgbéejáde

“Guard Dog” jẹ́ ètò ìṣàmúlò orísun ṣíṣí sílẹ̀. Àwọn ènìyàn wọ̀nyí ti ṣe ìkópa sí plugin yìí.

Adam Greenwell

Túmọ̀ “Guard Dog” sí èdè rẹ.

Ṣe o nífẹ̀ẹ́ sí ìdàgbàsókè?

Ṣàwárí koodu, ṣàyẹ̀wò ibi ìpamọ́ SVN, tàbí ṣe àgbékalẹ̀ sí àkọsílẹ̀ ìdàgbàsókè nípasẹ̀ RSS.

Àkọsílẹ̀ àwọn àyípadà

1.9.39

Fix author archive protection so raw ?author=N enumeration requests stay blocked without breaking public /author/slug/ pages

1.9.38

Fix Apple social login and account linking failures after host migrations or WordPress salt changes
Add clearer provider configuration and linking failure handling for social login
Clean up orphaned social account records when linked users are deleted
Improve social login and passkey button layout on the login screen

1.9.37

Fix custom login URL requests so they redirect to the canonical host/port before loading the WordPress login screen
Keep passkey login AJAX and redirects same-origin to prevent cookie failures

1.9.36

Reorganize admin settings pages
Add Google OAuth to email provider for use with Workspace accounts

1.9.35

Fix stale cached session metadata potentially showing incorrect sessions in session management UI
Fix proxy IP fallback and preserve authentication block reasons

1.9.34

Expired sessions on frontend pages now silently degrade to logged-out state instead of redirecting to the login page

1.9.33

Add reverse proxy / load balancer configuration for accurate IP detection behind CDNs and proxies
New IP detection method setting: Auto, Cloudflare, X-Forwarded-For, X-Real-IP, or REMOTE_ADDR only
New trusted proxy IPs setting with CIDR range support to prevent IP spoofing via forwarded headers
Fix false IP shift alerts on sites behind reverse proxies (Kinsta, Google Cloud, AWS ELB, etc.)
Consolidate duplicate IP detection methods across plugin to use centralized proxy-aware logic
Add diagnostic “Detected IP” display on settings page to verify proxy configuration

1.9.32

Isolate all vendor dependencies with PHP-Scoper namespace prefixing to prevent conflicts with other plugins
Improved session management handling when using caching layers like Varnish or Redis

1.9.31

Add Google (Gmail/Workspace) and SendGrid as email provider options
Minor login page styling update when social login buttons are present
Fix email provider detection on Login Security page

1.9.30

Add social login with Google, Microsoft, and Apple OAuth support
Allow users to sign in with their Google, Microsoft, or Apple account from the WordPress login page
Apple Sign In with JWT client secret and id_token-based authentication
Link and unlink social accounts from user profile
Optional auto-linking by email and auto-creation of new users
Social login bypasses 2FA when configured (follows passkey pattern)
Activity logging for social login events

1.9.20

Fix authentication failures (passkey login, 2FA) on sites using page caching (Varnish, Cloudflare, Nginx FastCGI)
Remove dependency on PHP sessions — all auth state now uses WordPress transients with secure one-time-use tokens
Resolve WordPress Site Health critical warning about session_start() usage

1.9.11

Add user enumeration protection feature with multi-vector blocking

1.9.1

Add support for Passkeys
Add session and session management support with suspicious activity detection
Improve user flow when password policy is set and enforce 2FA is enabled

1.9.01

Fix a bug causing the Access Denied page to lose styling when using the built-in customizer feature

1.9.0

Add feature to set password strength policy and block reusing passwords
Add feature to require user email verification before login with customizable link expiration
Update email provider feature to allow using for all WordPress emails

1.8.48

Improve access control to block entire countries
Add caching for access control rules

1.8.47

Improve log exporting
Ensure WordPress 6.9 compatibility

1.8.46

Add feature to customize access denied page with built-in customizer or template override

1.8.45

Add feature to customize email template for two-factor auth code with built-in customizer or template override

1.8.44

Add WooCommerce events to Activity Log
Improve site-wide blocking message customization

1.8.433

Fix activity log error that could occur when updating a navigation menu

1.8.432

Fix “Unknown Event” event name logging in the Activity Log section to display the proper event name

1.8.431

Minor 2FA login form styling

1.8.43

Resolve AWS SDK conflict with other plugins that may use AWS environment variables
Refactor 2FA login flow to improve security

1.8.42

Code quality improvements to meet WordPress coding standards

1.8.41

Code quality improvements to meet WordPress coding standards

1.8.4

Improve Activity Log admin interface
Improve front-end styling for two-factor authentication methods when logging in

1.8.325

Added additional two-factor authentication method via email
Added email provider configuration for use with two-factor via email authentication

1.8.312

Under-the-hood refactoring of plugin settings templates

1.8.31

Update readme.txt describing third party libraries in use and what they do

1.8.3

Under-the-hood performance improvements and updates for WordPress plugin directory compliance

1.8.2

Improved debug logging to prevent potential PHP errors

1.8.1

Update activity log settings to add additional event types
Improve shortcode 2FA widget for use in custom themes using a custom login page

1.8.0

Custom login URL feature refactored to be server agnostic
Improve custom login URL support when using CAPTCHA and 2FA

1.7.0

Enhanced debug logging system with multiple log levels and export ability
Styling improvements applied to settings page

1.6.0

Added Cloudflare Turnstile CAPTCHA support
Enhanced activity logging system
NEW: Complete temporary user access system Ìtumọ̀ Yorùbá: – create actual WordPress users with time limits
Improved temporary access security with automatic user cleanup
Better mobile responsiveness for admin interface
Performance optimizations for large sites

1.5.0

Added hCaptcha support for privacy-focused protection
Enhanced two-factor authentication with recovery codes
Improved user interface and user experience
Better internationalization support
Bug fixes and security enhancements

1.4.0

Implemented comprehensive activity monitoring
Added advanced IP access control features
Enhanced temporary access system
Improved admin interface design
Performance optimizations

1.3.0

Added two-factor authentication (TOTP)
Enhanced login attempt limiting
Improved admin interface
Better error handling and logging
Security improvements

1.2.0

Added Google reCAPTCHA v3 support
Enhanced custom login URL features
Improved user management
Better admin interface
Performance optimizations

1.1.0

Added login attempt limiting
Enhanced access control features
Improved admin interface
Bug fixes and optimizations

1.0.0

Initial release
Custom login URLs
Basic access control
Google reCAPTCHA v2 support
Activity logging

Thanks you !

Great all in one protection with passkeys