Security Questions provides administrator-configurable challenge questions for use during the log in and password reset processes. Think of it like most bank website logins.
Log In Process
If enabled, the log in form is altered in one of two ways, depending on the selected protection mode:
To show just the username field and a submit button. Once a user enters their username, the module searches for their account and randomly brings back one of their security questions. They then need to provide the answer to the question as well as their password for authentication.
To show both the username and password fields up front. After the supplied username and password are validated, the user is prompted with a randomly selected question they have answered.
Password Reset Process
If enabled, the user is required to answer a question before the password reset process can continue.
The user registration form also gets a fieldset of questions, so that the user can pick which question they want to answer, and a textbox for their answer.
Once logged in, the user will see a tab on their account page called "Security Questions." This page lists the questions that they have chosen to answer, and provides a link for them to edit their answer.
This module is not intended to be a remote kill for a client's site. If that is what you need, take a look at killswitch.
What does Lockout do?
This module displays a generic offline page with a message indicating that the site owner should contact technical support. The idea is similar to cPanel's "suspended account" page. Additionally, this module should be used in a similar environment. For example, I build websites for clients and host these sites on my server. They pay me on a recurring basis for the hosting. If they become delinquent in payments and fail to respond to emails or calls, I use this as my last resort to get their attention.
How do I use Lockout?
While logged in as "User 1", visit the lockout settings page, Administration > Configuration > System > Lockout, tick the box and save. While Lockout is set, one can still access the /user and /admin* sections. This allows "User 1" to log in again and turn off Lockout.
Doesn't the core maintenance mode do the same thing?