Hi,
One of my customers plans to start a self service password reset project and is conducting some preliminary research - one feature he looks for, is the ability to assign permissions (to access authenticated modules) based on users ip address (kind of “geo fencing”).
He is aware of the setting to generally allow / disallow some ip addresses (Settings - Security - Web Security - Permitted IP Network Addresses) – but his use case is to allow update profile only from trusted ip networks, whereas forgotten password should be accessible from all ip networks.
Regards,
N.