IP変更後または非アクティブアカウント後のメール認証ログインを強制するプラグインまたは既存の機能

jimmy0017 · 2025 年 10 月 22 日午後 9:24

I am wondering if there is existing features in discourse or a plugin that can achieve this:

When the user is inactive for amount of period (like 30 days), when they login, it requires an email verification or 2FA.
When the user login change IP suddenly, also triggers an email verification or 2FA.

This can help hacking inactive account

Moin · 2025 年 10 月 22 日午後 10:15

There is GitHub - discourse/discourse-auto-deactivate: This plugin will automatically deactivate stale users so that they need to recomfirm their email in order to login in again

I know Discourse checks staff logins based on their location and sends them an email if the location of the new IP is more than 100 kilometers away from the other known locations. Suspicious logins are also shown in the security reports on the admin dashboard.

トピック		返信	表示
Forcing users to reverify email Feature	8	137	2025 年 10 月 19 日
Auto-activate new users Support	27	4436	2023 年 8 月 12 日
Repeat verification Support	3	341	2020 年 1 月 9 日
Password reset email should send IP info Feature	46	2969	2021 年 2 月 18 日
Allow user to change email address before verification Feature	16	3789	2017 年 10 月 28 日

IP変更後または非アクティブアカウント後のメール認証ログインを強制するプラグインまたは既存の機能

関連トピック