Hi Mark,
I am adding my vote to support blocking specific "admin" login attempts in addition to the two current features of "Immediately lock out invalid usernames" and "Prevent users registering 'admin' username if it doesn't exist".
The main reason I see the high need for this specific feature is for those of us who are running communities of sites, and who don't want to block legitimate users who cannot spell their own username. This is the only reason why I don't have the current block feature enabled right now. In my mind, if someone legitimate wanted to try the 'admin' username, they deserve to be blocked.
There are two different ways I could see this being implimented:
- Adding a checkbox selection to the list next to the other two features, and/or making it a radio button option for (Immediately block all invalid users / Immeditately block admin login attempts / Standard blocking).
- Adding a textbox or text area where we could manually type a comma separated list of usernames to block. We could then manually type in 'admin' and any other username we would want to block. You could combine this with the registering restriction feature and say that usernames included in this field will not be allowed to register, and they will be immediately banned if someone tries to login to them if they are not a valid username. (Adding an alert if a valid username exists that is in this banned list would help keep banned and current usernames from overlapping.)
These are two ideas I see for solving the issue we are suggesting. If I were to pick one of them, I would choose #2 because it seems to be the more powerful and flexible of the two options.
Please reply with questions and/or other thoughts.
~Cam
