Securityonehundredandtwo wrote:Just out of interest, why do you think forums would need to see when users have logged in and out? Maybe this would be better left as a MOD/plugin/whatever system phpBB4 will use?
Imagine if a staff member was hacked, they don't change their password and then they could login to their account and do what they want. They could have staff member access for months if they were sensible about it but you could check a, if it was a staff member that did an action, who has been logging into that persons account and when ect.,