Suspicious Login Detection for Staff Users

Ensuring the security of staff accounts is critical for the smooth functioning of any Learning Management System (LMS). At Testpress, we prioritize safeguarding your data by introducing Suspicious Login Detection for staff users. This feature helps monitor and flag unusual login activities to prevent potential security breaches.

How Suspicious Login Detection Works

Our system automatically tracks and analyzes login activities based on several conditions to identify potential threats. Here are the scenarios where login activities are flagged as suspicious

① New Location

If a staff user logs in from a location that they haven’t used in their recent 15 logins, it is flagged as suspicious

② New Device

When a staff user logs in from a device not used in their past 15 logins, the system detects it as suspicious activity

③ Rapid Logins in  a Short Interval

If a staff user logs in more than 3 times within an hour, this behavior is considered unusual and flagged accordingly

④ Unusual Login Time

Login attempts made between 12:00 a.m. and 3:00 a.m. are flagged as suspicious, as they fall outside typical working hours

⑤ Threshold for Detection

To avoid false positives for new users, the system applies suspicious login detection only after a staff user has logged in at least 3 times.

What Happens When Suspicious Activity is Detected?

When suspicious login behavior is identified, our system takes immediate action to notify admin users:

Email Notifications

Admin users receive an alert email containing all the critical details of the flagged activity. Here’s what the email includes:

Email Subject

  • Immediate Attention Required: Suspicious Login Detected for [Username]
  • Includes the username to quickly identify the affected account.

User Details

  • Includes the username of the account involved and a direct link to the portal for quick access.
  • This ensures admins can review the flagged account immediately and take appropriate action.

Flagged Reasons

  • Login from a new location.
  • Access from a new device.
  • Rapid consecutive login attempts.
  • Unusual login times.

Additional Information

  • Device used for the login
  • IP address of the login attempt
  • Location of the login attempt
  • Timestamp of the activity

Multiple Flagged Reasons

If the system identifies more than one suspicious condition, all flagged reasons are included in the email to give admins a comprehensive overview.

  • Flagged Reason: Login detected from a new location.
  • Flagged Reason: Multiple logins detected in a short period.

Why Choose Testpress LMS?

Testpress LMS goes beyond just providing a robust learning platform; it also ensures the safety and integrity of your system. With our Suspicious Login Detection feature, you can:

  • Proactively identify and mitigate potential threats.
  • Receive real-time alerts for immediate action.
  • Maintain trust and security for your staff and users.

Ready to Enhance Your LMS Security?

Upgrade to Testpress LMS and experience unparalleled security and peace of mind. With our advanced Suspicious Login Detection, you can rest assured that your platform is protected 24/7

Request a Demo