Adaptive Login Form: Adjusting compromise between Comfort and Paranoia.

Conception:

2 Conception’s:
1. “Zero Trust Mode”
Recommended for small groups of regular Users with a Static IP Address.
Not recommended for Dynamic IP Addresses or Mobile Users.

If my current IP address is not marked as Dangerous since my last successful login, then there is no need to distrust me and force me to go through Quests to solve different types of Captchas.
In this case, the standard “Password” field is sufficient for one attempt.

But if the Attempt is unsuccessful, then we mark the IP address as Dangerous, and then it is possible and necessary to trick me (or the one who is trying to be me) with a more thorough login procedure.

There may be multilevel options. It doesn’t matter (this will be gradually added to the functionality). We are now talking about the General Principle.

2. “Dynamics IP Mode”
Recommended for mobile Users with a Dynamic IP Address.
Not recommended for Static IP Addresses.

If the User’s previous login was successful, their next authentication is performed using a simplified method.
Simply enter the correct password. However, only one attempt is allowed.
If the password was entered incorrectly, an additional security element is added to the login form: the “Secret Key” field.

= Futured =

* Separate statistics are generated for each IP address and the ratio “Successful number of entries” / “Total number of entries” is determined. Depending on how close this parameter is to 100%, we can talk about the need for the Toughness of the Mistrust process.

This mechanism starts before the User enters his Login.

The more Unsuccessful Login attempts occur from a given IP Address, the more thoroughly it is checked.
Conversely, the Login procedure can be simplified as much as possible if there is no obvious reason.

* Regardless of what kind of Authentication Error occurred, be it:
– Invalid Username;
– Invalid User Password;
– Incorrectly specified additional security elements: “Secret Key” / Captcha / etc.
This will not be indicated in the error message. There will always be only one message: “Authentication Failed”.
Thus, we do not explicitly indicate to the potential Villain / Bot the reason for the denial of access. And the more such Reasons there are, the more complicated the Entry procedure becomes.

* If multiple consecutive unsuccessful login attempts occur, a Restrictive Timeout may be activated for the given User.

* Интегрирован с плагином “New Users Monitor“.

Version: 2.10.1 (2026.03.01) You can download it from here

Download “adaptive-login-action.zip” adaptive-login-action_v3.11.zip – Downloaded 736 times – 19 KB

Or from the Official WordPress Repository

== Installation ==

1. Upload ‘adaptive-login-action’ folder to the `/wp-content/plugins/` directory.
2. Activate the plugin through the ‘Plugins’ menu in WordPress.
3. If you have any problems – please ask for support.

== Frequently Asked Questions ==
* After installation, with default settings, at the first login attempt, what should be entered in the “Secret Key” field?
– Nothing! Just leave this field blank. But after logging in, go to the settings and set “Secret Key”.

== Screenshots ==

1. screenshot-1.png This is the “Login Form” with “Adaptive Login Action” – Mode: Normal.
2. screenshot-2.png This is the “Login Form” with “Adaptive Login Action” – Mode: Security.
3. screenshot-3.png This is the “Login Form” with “Adaptive Login Action” – Mode: Security. 1 Attempt left before Blocking.
4. screenshot-4.png This is the “Login Form” with “Adaptive Login Action” – Mode: Security. Access temporarily blocked.
5. screenshot-5.png This is the “Adaptive Login Action” Options page.

Pleasant in all respects Theme “GeneratePress”. But there was a need to slightly improve the interface. With vertical page scrolling, the horizontal Menu should sticky at the top of the window.

Sorry for Google translation ((

It was decided to do without plugins.

1. To child-Theme copy the file: header.php from the original Theme.
2. Make changes:

... str.11

if( wp_is_mobile() ){
	// If this is a mobile device
	$Mobile = 1;
} else {
	$Mobile = 0;
}

if ( is_user_logged_in() ) {
 // Top position Menu correction, if the User is logged in. (admin or users.)
 $MenuBar_Correction = 1;
} else {
 $MenuBar_Correction = 0;
}

... str.28
<head>
 ...
</head>

<script>
 // Making a sticky menu.
 jQuery(document).ready(function(){
 var Mobile = <?php echo $Mobile;?>;
 var MenuBar_Correction = <?php echo $MenuBar_Correction;?>;
 var stickyHeaderTop = jQuery('#site-navigation').offset().top;
 var window_scrollTop;
 var AdminBar_H = 0;
 var AdminBar_Position;
 var MaxWidth_Content = jQuery('#site-navigation').css('max-width'); 
 MaxWidth_Content = parseInt(MaxWidth_Content, 10); 
 
 if (Mobile == 1) {
 // Do not use Sticky for mobile devices, because opened menu can go beyond the bottom of the screen.
 return;
 } 
 
 // React to the Scroll
 jQuery(window).scroll(function(){
 RepositionMenu ();
 });
 
 // Respond to changes in screen size
 jQuery(window).resize(function(){
 RepositionMenu ();
 });
 
 function RepositionMenu () {
 // Making Sticky-Menu, if there is a condition.
 window_scrollTop = jQuery(window).scrollTop();
 
 if (MenuBar_Correction == 1) {
 AdminBar_Position = jQuery('#wpadminbar').css('position');
 
 if (AdminBar_Position == 'fixed') {
 // Correction Sticky-Menu top position, if User loged in and AdminBar is fixed (depends on the width).
 AdminBar_H = jQuery('#wpadminbar').height();
 }
 }
 var Top_Sticky = AdminBar_H + 'px'; 
 
 if( window_scrollTop > stickyHeaderTop ) {
 // Sticky-Menu ON
 var Width_Menu = jQuery('#site-navigation').width();
 
 if (Width_Menu < MaxWidth_Content) {
 jQuery('#site-navigation').css({
 position: 'fixed', 
 width: '100%', 
 top: Top_Sticky,
 left: '0px'
 }); 
 } else {
 jQuery('#site-navigation').css({
 position: 'fixed', 
 width: '100%', 
 top: Top_Sticky,
 left: 'calc((100% - ' + MaxWidth_Content + 'px)/2)'
 }); 
 }
 } else {
 // Sticky-Menu OFF
 jQuery('#site-navigation').css({
 position: 'relative',
 left: '0px',
 top: '0px'
 });
 } 
 }
 }); 
</script>

In fact, that’s all.
As a result, we get the following: As soon as we start scrolling the page down, and the horizontal Menu reaches the top of the window, then it – this Menu sticks and remains in place with further scrolling.
Scrolling up the page, as soon as we reach the position of the initial location of the horizontal Menu, it again comes off and moves along with the content of the page.

The proposed option copes with the situation when the width of the content is limited and the window can be wider and the restrictions already set.

For mobile devices (not to be confused with just a narrow screen, manually shifted), the behavior is different. The script simply turns off and the menu behaves as usual.
This is done in order to avoid situations where the number of items and sub-items in the Menu when it is opened exceeds the screen size (usually in a horizontal layout) and it becomes inconvenient to use such an interface.