Use getting hacked

[Xtremer360]

I'm trying to work on my CMS as right now I'm focusing on an email being sent to a user if someone attempts to login to their account and fails. I'm not sure what all information I should include in the email.  I've attempted to research the topic but have not found any useful information on the subject. Any ideas or suggestions?

[revraz]

Your account has been tried to access by IP xxx.xxx.xxx.xxx at date/time?

[Xtremer360]

I just noticed the subject meant to be "User Getting hacked" but I'm sure everyone figured it out by the post body.  And I considered that but not to sure if it'd be a good idea to include the IP address of the person hacking giving it to the person that is having their account attempted to be hacked into. Any other ideas?

[Darkbert]

we have build in a function that counts the login attempts and if the user tries more than 3 times, the account will be locked and an email will be send to the registered email address. The subject is "your account was locked for security reasons", body is: "please click on the following url to unlock your account... Sorry for the inconvenience, but this is because of the security. kind regards, our team.". A url will be generated which points to a site where the user can unlock his account by answering a question with the answer he gave us on registration. If the answer is correct, a new password will be generated, the account will be unlocked and the user get the new password at his email address. that´s it.

 

the user can change the generated password at his profile to a new one.

 

I hope I can help you with this reply.

 

Greetings from germany, Arne

[Xtremer360]

Thanks both of you.