Plugin or existing feature to force email verification log in after change IP or inactive account

jimmy0017 · 22 oktober 2025 om 21:24

I am wondering if there is existing features in discourse or a plugin that can achieve this:

When the user is inactive for amount of period (like 30 days), when they login, it requires an email verification or 2FA.
When the user login change IP suddenly, also triggers an email verification or 2FA.

This can help hacking inactive account

Moin · 22 oktober 2025 om 22:15

There is GitHub - discourse/discourse-auto-deactivate: This plugin will automatically deactivate stale users so that they need to recomfirm their email in order to login in again

I know Discourse checks staff logins based on their location and sends them an email if the location of the new IP is more than 100 kilometers away from the other known locations. Suspicious logins are also shown in the security reports on the admin dashboard.

Topic		Antwoorden	Weergaven
Forcing users to reverify email Feature	8	137	19 oktober 2025
Auto-activate new users Support	27	4436	12 augustus 2023
Repeat verification Support	3	341	9 januari 2020
Password reset email should send IP info Feature	46	2969	18 februari 2021
Allow user to change email address before verification Feature	16	3789	28 oktober 2017

Plugin or existing feature to force email verification log in after change IP or inactive account

Gerelateerde topics