Account Sentinel perceives changes made to a configurable set of monitored roles' accounts, even those that are results of direct database modification (e.g. SQL injection). A set of e-mail addresses can be configured to be notified when such a change is detected, also a log of changes can be viewed in Drupal and via Drush for manual review.

Get started

Install as you would normally install a contributed Drupal module. See: for further information.

After installation consult README.txt for configuration instructions.

How it works

After you have set which roles should be monitored, Account Sentinel will detect any changes made to them or to users that receive such roles.

Types of changes detected

Account Sentinel can detect the following events:

  • changed username
  • changed password
  • changed e-mail address
  • monitored role granted
  • monitored role revoked
  • user created with monitored role(s)
  • user deleted
  • user blocked
  • user unblocked
  • user's snapshot is missing
  • user's snapshot is invalid

Change detection methods

Changes made to users inside Drupal are caught with the user core module's hooks. Other changes that are made outside of Drupal are detected by comparing users' data to Account Sentinel's own snapshots of monitored users periodically. This periodic audit can be attached to Drupal's own cron, or a separate cron job can be made for the module specifically.

Additional features

If the Password Strength module is enabled, Account Sentinel will also collect information about changed passwords' strength.

Supporting organizations: 
Ongoing development

Project Information