CodeCave Admin Security Auditor is a lightweight plugin that helps you monitor user activity by tracking and displaying the last login time for each user in your WordPress site.

Features:

Automatically tracks the last login time for all users
Displays last login information in the WordPress admin users table
Sortable last login column for easy user management
Shows “Never” for users who haven’t logged in since plugin installation
Timezone-aware display (uses your WordPress timezone settings)
Clean uninstall – removes all data when plugin is deleted
Translation ready
No configuration needed – works out of the box

Use Cases:

Monitor user engagement and activity
Identify inactive user accounts
Security auditing and compliance
User account cleanup and maintenance
Track user adoption of your WordPress site

Privacy and Data:

This plugin stores the last login timestamp as user metadata in your WordPress database. No data is sent to external servers. When you uninstall the plugin, all stored data is automatically removed.

Developer Notes

Accessing Last Login Data Programmatically:

You can retrieve the last login timestamp for a user:

$auditor = CodeCave_Admin_Security_Auditor::get_instance();
$last_login = $auditor->get_last_login( $user_id );

if ( $last_login ) {
    echo 'Last login: ' . date( 'Y-m-d H:i:s', $last_login );
} else {
    echo 'Never logged in';
}

Hooks and Filters:

The plugin uses standard WordPress hooks and does not currently provide custom hooks. This may be added in future versions based on user feedback.

Installation

Upload the codecave-admin-security-auditor folder to the /wp-content/plugins/ directory
Activate the plugin through the ‘Plugins’ menu in WordPress
Navigate to Users > All Users to see the Last Login column

That’s it! The plugin will automatically start tracking user logins.

Frequently Asked Questions

Does this plugin track login attempts or just successful logins?

The plugin only tracks successful logins. Failed login attempts are not recorded.

Will this plugin show login times for users who logged in before activation?

No, the plugin only tracks logins that occur after it has been activated. Existing users will show “Never” until they log in again.

Can I export the last login data?

The data is stored as WordPress user metadata and can be accessed programmatically or through database exports. Future versions may include export functionality.

Does this plugin work with custom login pages?

Yes, the plugin uses WordPress core hooks and will work with any login method that triggers the standard WordPress authentication process.

Will this plugin slow down my site?

No, the plugin is extremely lightweight and only updates a single database field when a user logs in. There is no impact on frontend performance.

Is this plugin GDPR compliant?

The plugin stores minimal data (a timestamp) for legitimate purposes (user management and security). However, you should review your own privacy policy and data retention practices to ensure GDPR compliance for your specific use case.

Can I customize the date format?

The current version uses WordPress timezone settings. Future versions may include format customization options.

Review feed

No reviews available

Screenshots

No screenshots available

Changelog

1.2.4

Test

1.2.3

Test

1.2.2

Test latest + assets

1.2.1

Testing workflow updates.

1.2.0

Minor bump.

1.0.2

Second bump.

1.0.1

Bump version for automatic update prevent test.

1.0.0

Initial release
Track last login time for all users
Display last login in users table
Sortable last login column
Timezone-aware display
Clean uninstall

Back to plugins