Emergency Management -- WordPress 插件

开发者	mitfi
更新时间	2026年4月20日 13:45
PHP版本:	7.4 及以上
WordPress版本:	7.0
版权:	GPLv2 or later
版权网址:	版权信息

WP Access Control Center is a powerful security control center for WordPress administrators who want full control over authentication, sessions, and password policies. Take control of your site’s access layer with real-time session monitoring, flexible two-factor authentication, and powerful emergency tools — all in one place. 🛡️ Security Overview Dashboard 📊

General indicator about the current site security status
Status overview about the most important security settings
Live view of main session KPIs (refresh: 5s)
Next step recommendations to get your site more secure
Can be made sticky to stay visible when scrolling down

🔐 Two-Factor Protection

Email-based verification codes
TOTP support (Google Authenticator, Microsoft Authenticator, Authy, etc.)
Role-based enforcement
Grace periods for smooth rollout
Backup codes for account recovery
Trusted devices to reduce login friction

👁️ Live Session Control

Real-time overview of all active sessions (AJAX-powered)
Inspect session details and parameters
Instantly terminate individual or all sessions
Monitor user activity as it happens

🔑 Password Policies

Enforce password strength requirements
Prevent password reuse
Define role-based password expiration
Real-time feedback during password creation

⚡ Bulk Password Reset

Reset passwords for roles or selected users
Optionally terminate related sessions
Automatic email notifications (fully customizable)

🔄 Security Key Rotation

One-click regeneration of WordPress KEYs & SALTs
Immediately invalidates all active sessions
Essential for incident response

⏱️ Advanced Session Control

Configure session lifetime per role
Separate rules for "Remember Me"
Automatic cleanup of expired sessions

🎨 Login Experience Designer

Customize the 2FA login page
Background images (outer & inner)
Flexible CSS customization
Safe defaults – no changes unless configured

No external services required. Everything runs locally within your WordPress installation.

3.2.0.8

(New) Two buttons added above the sessions view: 'Open all Detais' and 'Close all Details'.
(Fix) Added index.php (WordPress dashboard) as a target for the important plugin messages.

3.2.0.7

(Tweak) Security overview dashboard session messages refined.

3.2.0.6

(New) Additional session data (related to admins) in the security overview dashboard.
(New) Additional data pills above the session view for a comprehensive overview.
(Fix) A few messages updated for better clarity.
(Fix) Added update.php as a target for the important plugin messages.

3.2.0.5

(Fix) Session KPIs in security overview dashboard corrected.
(Fix) Naming of view pills above the session live view changed for clarity.

3.2.0.4

(Fix) Added update-core.php as a target for the important plugin messages.

3.2.0.3

(New) Additional session data in the security overview dashboard.
(Tweak) The 'recommended next step' logic was further enhanced.
(Tweak) Code optimizations.

3.2.0.2

(Fix) A few minor fixes.

3.2.0.1

(Fix) CSS feature corrected.

3.2.0.0

(New) Emergency Management is now 'WP Access Control Center' (name slug remains unchanged).
(New) Introduced a 'Security Overview Dashboard' with live sessions, valuable security status information and recommendations to act.
(Tweak) UI/UX appearance was rebuilt and internal structures were refactured for future growth.
(Tweak) Logic for debug session tokens (column 'User Meta Session Tokens' in Live Sessions) was refurbished.
(New) New messaging system introduced for enhanced admin info upon plugin installation and update.

3.1.0.0

(New) 'Challenge Appearance' tab added with CSS styling options, including images, for corporate branding.
(Tweak) More email placeholders were added.
(Tweak) 2FA help tab expanded.

3.0.4.3

(Tweak) 'Security' tab renamed to '2FA Security'.
(Tweak) In the '2FA Security' tab, the two columns of the roles policy for 2FA method display were switched for better alignment in case of long role names.
(Tweak) A few other UI/UX improvements.

3.0.4.2

(Tweak) Moved the default WordPress session duration override to a more appropriate place on the related admin page.

3.0.4.1

(New) Online debug feature for visible session token data (in column other stored parameters) added in related user meta session tokens.

3.0.4.0

(New) Optional global WordPress session duration override added.
(New) Delayed PWA recognition added with post-login influence to session duration as defined by the admin.
(Tweak) 2FA help tabs improved with more information.
(Tweak) Messages added and some messages corrected for clarity.
(Tweak) 2FA tabs partially renamed.
(Tweak) A few improvements for stability.

3.0.3.1

(Fix) A few minor corrections.

3.0.3.0

(New) Added a separate session duration option for PWA logins.
(Tweak) Added backward compatibility for older password reset email contents.

3.0.2.0

(New) Help tabs for session management added.
(Tweak) All help tabs optimized.
(Tweak) Messaging and related strings optimized.
(Fix) Last missing nonces, sanitizing and escaping completed.

3.0.1.0

(New) 2s session view refresh added incl. potential high server load warning.

3.0.0.0

(New) Introduced a smart session management with smooth live view (AJAX) and anonymized data for privacy adherence.
(Tweak) CSS improvements.
(Tweak) Flexible plugin data deletion upon plugin being deleted.

2.0.4.0

(New) For convenience, in the user profile, backup code generation was as well tranferred to AJAX.
(Tweak) Minimum password expiry days moved from 10 days to 1 day as per user request.

2.0.3.0

(New) For a smoother UI/UX, AJAX is now being used for secret generation and TOTP activation.

2.0.2.0

(New) Handling of multiple roles with different 2FA requirements added (strictest rule wins).
(New) Introduction TOTP enforcement in case of TOTP only.
(Tweak) 'Remember Me' warning fires only if the related tab is being saved. Authenticator App 'otpauth://totp/' data updated. Placeholder for issuer input added.

2.0.1.2

(Fix) Input type for Backup Codes corrected.

2.0.1.1

(Tweak) Also serving AJAX/JSON during login redirect.

2.0.1.0

(New) Rendering a custom 2FA challenge form to achieve full independence from wp_login and other login-related plugins (e.g. Theme My Login), while also preventing potential conflicts.
(Tweak) Convenient bidirectional navigation between Site Security and Two-Factor Authentication settings.

2.0.0.1

(Fix) Avoid conflict with agressive plugins during menu registration.

2.0.0.0

(New) Introduced Two-Factor Authentication (2FA), featuring: Email Codes, Authenticator Apps (TOTP), Backup Codes and Trusted Devices.
(New) Introduced role related control of session duration (with and without 'Remember Me').
(Tweak) Adjusted a few strings for better clarity.

1.4.5.1

(Fix) Ensure in all cases that a password cannot be reused upon password expiry, even if password strength monitoring has been switched off.
(Fix) Ensure that the password reuse limit is 0 if the password strength monitoring is switched off.
(Tweak) Reorganized the use of hooks for stabile performance.
(Tweak) Updated some messages and some minor fixes.

1.4.5.0

(New) Added functionality to define the number of previous passwords not allowed to be reused.
(Tweak) Re-engineered a few functions for better performance.
(Tweak) Optimized names of functions, variables/constants, slugs and classes for robustness

1.4.4.0

(New) Placeholders for email text may now be copied by a mouseclick or by <TAB> and <ENTER>.

1.4.3.0

(New) {user-profile-url} added as placeholder for email text.
Thorough test with WordPress 7.0 version.

1.4.2.0

(Tweak) Adjusted the password maximum length limit.

1.4.1.0

(Tweak) The role names will now be translated (as far as available).
Tested successfully with WordPress 6.4.

1.4.0.3

Minor language corrections

1.4.0.2

Correction of version indication in help screen
Minor language corrections

1.4.0.1

Minor adjustments for wp-config.php
Thorough test with Wordpress 6.1.1 version.

1.4.0.0

Corrected erroneous password-strength-reset behaviour (introduced previously by error).
Corrected password reset behaviour for roles under certain conditions.
Added timestamp for KEYs & SALTs in config.php.
Compatibility improvement #1 for PHP 8.0.
Global strings translation optimized.
Improved settings for email editing and added editor class 'mfem-email-editor' for CSS control.
A few smaller improvements.
Tested successfully with WordPress 5.7.2.

1.3.2.0

Password changes by user profile are now fully covered as well

1.3.1.0

Bug in password reset corrected: timestamp during user registration and password reset was not properly stored before

1.3.0.3

Tooltips added
Password expiry messages adapted (colors and content)

1.3.0.2

Table format optimized for small screens (horizontal movability)

1.3.0.1

Updated some text

1.3.0.0

Added password expiry function by roles (password reuse is then prohibited as well)
Compatibility with the plugin "Theme My Login" has been secured
Optimized forms when using the key

1.2.2.1

Removed unnecessary (direct) links to KEYs & SALTs renewal

1.2.2.0

Tested ok with Wordpress 5.7
Fixed issue with saving eMail text under certain conditions
Changed German translation to default (informal)

1.2.1.2

Tested ok with Wordpress 5.6.2

1.2.1.1

Minor bug fix for correct version display in help tab area
Minor bug fix to stay in selected admin tab upon action

1.2.1.0

Admin Tabs added for a more structured administration

1.2.0.0

Missing translation string added
Admin submenu and plugin action link selection for SALTs renewal will delete all sessions as well (as recommended)

1.1.9.1

Missing translation string added

1.1.9

Added admin help sidebar

1.1.8

Corrected behavior: in some cases, password wasn't reset (and eMail wasn't sent) when sessions were to be deleted in parallel.

1.1.7

Tested successfully with WordPress Version 5.6.

1.1.6

Prevent password lengths < 8 (security) and > 20 (WordPress database limit).
Prevent inadvertent form submits by the RETURN key.

1.1.5

Error in password check corrected!!
Increasing the size of the special character subset for the password check.

1.1.4

The detailed explanations and hints were moved to the standard admin 'help' tabs at the screen top.
The 'help' tabs include the Q&As (to be extended regularly as they will be growing).

1.1.3

Make sure that the local plugin translations are loaded, if they are provided with the plugin for the selected language. Otherwise, load the ones provided through the WordPress translations, if any. This is (was) due to my experience that the proper SVN version synchronization with the WordPress languages directory has been found failing... (--> Has been removed in 1.2.0.0)
Minor code and translation improvements.

1.1.2

Minor code improvements.

1.1.1

Corrected the relative path to the translations.

1.1.0

Added the ability to just delete selected roles' or user's sessions as a separate function.

1.0.2

Minor code improvements.

1.0.1

Improved checking and feedbacks regarding the email content.
Prevent the password reset button from being pressed as long as the email text has not yet been set.
Re-arranged the structure for the success, warning and error messages.
Minor corrections in textual explanations and German translation.
Improvements in the code to comply with WordPress coding standards.

1.0.0

First stable version with all initial features.

WP Access Control Center

标签

下载

详情介绍:

安装:

屏幕截图:

升级注意事项:

常见问题:

更新日志: