Login Security Bundle for Perfex CRM Documentation

Introduction

The Login Security Bundle for Perfex CRM is a focused security package that protects your application from unauthorized access and credential abuse. It combines three tightly related features — failed login protection, live session management, and detailed login history — into one easy-to-manage admin panel. Ideal for administrators who need immediate control over login behavior and active sessions.

  • Login Log – View complete login and logout history with duration, device, browser, and IP details. Includes deep filtering for analysis and a quick-clear option.
  • Login Attempt – Limit failed login retries, enforce lockout times, and block accounts after repeated failures. Automatic cooldowns reset after 24 hours, with admin override for blocked accounts.
  • Login Session – Monitor all active user sessions in real time. Force logout remotely, apply temporary login bans, or enforce single-login per user with automatic timeout for inactive sessions.

System Requirements

  • Perfex CRM v3.1.0 or higher

Login Log

Installing the module is quick and simple, It takes just a few minutes :

  • Extract the main .zip file and locate the login_log.zip file.
  • Log in to the Perfex CRM admin panel as an administrator and go to Setup → Modules.
  • Click Choose File and select the login_log.zip
  • Click Install to complete the process.
Login Log Module Installation

Once the module is installed, it will appear in the list of available modules below. Simply click the Activate button to enable it.

Login Log Module Activation

Usage :

  • Login & Logout Tracking
    • Each login attempt is recorded with corresponding logout time.
    • Session duration is automatically calculated for better insights.
  • Detailed Session Information
    • Logs include IP address, device type, and browser details.
    • Enables quick detection of unusual login patterns or suspicious devices.
  • Advanced Filtering
    • Use deep filters to narrow down results by user and date range.
    • Provides clear visibility for auditing and security analysis.
  • Quick Log Management
    • Admins can clear logs instantly with a single click.
    • Ensures database optimization and removes unnecessary history when required.

Login Attempt

Installing the module is quick and simple, It takes just a few minutes :

  • Extract the main .zip file and locate the login_attempts.zip file.
  • Log in to the Perfex CRM admin panel as an administrator and go to Setup → Modules.
  • Click Choose File and select the login_attempts.zip
  • Click Install to complete the process.
Login Attempt Module Installation

Once the module is installed, it will appear in the list of available modules below. Simply click the Activate button to enable it.

Login Attempt Module Activation

Configuration :

Once the module is installed and activated, you'll see three options, Deactivate, Manage and Settings. Click on the Settings button to quickly access the Login Session Settings

Login Attempt Module Activation

Alternatively, you can navigate to Setup → Settings → Login Attempt to access its configuration options, which include :

  • Enable for Staff
  • Enable for Customer
  • Allowed Retries Before Lockout - User will have to face lockout time and will not able to login or retire for that time
  • Lockout Time (In Minutes) - The user will be temporarily locked out from retrying, and with each failed attempt, the lockout duration will be multiplied.
  • Maximum Lockout - Maximum number of allowed lockouts per user. If this threshold is exceeded, login access will be restricted until approved by an administrator.
Login Attempt Module Settings

Usage :

  • Enable / Disable Module
    • Admins can independently enable or disable login attempt protection for staff and customers.
  • Allowed Retries Before Lockout
    • Defines the number of failed attempts before triggering a lockout (e.g., 3 failed tries).
    • Once the threshold is reached, the user cannot attempt login until the lockout period ends.
  • Lockout Time (in Minutes)
    • Specifies the base duration of the lockout period.
    • Lockout time increases with each repeated lockout, multiplied by the number of lockouts (e.g., 1st lockout = 3 mins, 2nd lockout = 6 mins, 3rd lockout = 9 mins, etc.).
  • Maximum Lockouts
    • Limits the total number of lockouts allowed per user.
    • If exceeded, the account is fully locked, and login access is restricted until manually approved by an administrator.
  • Automatic Reset
    • Failed attempts and lockout counts resets after 24 hours.
    • Blocked accounts, however, remain locked until explicitly approved by the administrator.
  • Admin Management
    • Admins can view a list of users whose accounts are locked.
    • From the admin panel, login access can be re-enabled with a single action.
  • In-App Notification – Admin will get an in-app notification if a user account is blocked after repeated failed login attempts.

Login Session

Installing the module is quick and simple, It takes just a few minutes :

  • Extract the main .zip file and locate the login_session.zip file.
  • Log in to the Perfex CRM admin panel as an administrator and go to Setup → Modules.
  • Click Choose File and select the login_session.zip
  • Click Install to complete the process.
Login Session Module Installation

Once the module is installed, it will appear in the list of available modules below. Simply click the Activate button to enable it.

Login Session Module Activation

Configuration :

Once the module is installed and activated, you'll see three options, Deactivate, Manage and Settings. Click on the Settings button to quickly access the Login Session Settings

Login Session Module Activation

Alternatively, you can navigate to Setup → Settings → Login Session to access its configuration options, which include :

  • Enable for Staff – If enable staff will only able to login from single device.
  • Enable for Customer – If enable customer will only able to login from single device.
Login Session Module Settings

Usage :

  • Session Tracking
    • Each login session records user details, IP address, browser, device, and login time.
    • Admins can view a complete list of currently logged-in staff and customers.
  • Force Logout
    • Admins can immediately terminate any user’s active session.
    • Once logged out, the user is redirected to the login page.
  • Temporary Ban
    • In addition to logout, admins can apply a temporary ban on a user account.
    • The ban prevents the user from re-logging in for a defined duration (in minutes).
    • After the ban period ends, login access is automatically restored.
  • Single Login Restriction
    • If enabled by the admin, Staff or Customer is allowed only one active session at a time.
    • If the user tries to log in on a new device or browser while already logged in, the new session will be rejected.
    • If the user closes the browser without logging out, the session will automatically expire after 30 minutes of inactivity, allowing login from another session.

Support

For support, please reach out to us at codeonstring@gmail.com. We will respond as soon as possible, typically within one working day.

Changelog

VERSION 1.0.0 – Initial Release