Wishlist

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Multi-factor Authentication

    To obtain cyber-risk insurance, it is necessary for us to have the multi-factor authentication in place. I have been informed that Wild Apricot does not have multi-factor authentication in place. In today's world, this is really important. Please consider having multi-factor authentication in place for the admins at least.

    13 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security / Privacy  ·  Flag idea as inappropriate…  ·  Admin →
  2. Allow administrators to login as a member

    For many of our members, an administrator is often required to perform tasks for members. This includes buying items from the Online Store, or signing them up for events, or renewing their memberships.

    The simplest solution would be to allow administrators to become a proxy for a member, and login as the member to perform these tasks. For those members who never log in (it happens because our members are retired folks with less computer savvy, and sometimes without computers), we can give these members a password that only the administrators know, but we're loath to do that.

    For other…

    12 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security / Privacy  ·  Flag idea as inappropriate…  ·  Admin →
  3. Allow Custom Domains to Force HTTPS:// Sitewide

    When using your own custom domain and an SSL Certificate (Let's Encrypt or 3rd Party), you should be able to update the Traffic encryption settings to "Always use https://" on that custom domain name. It defeats the purpose of even securing the site if a visitor has to manually type in "https://", when we're trying to gain the trust of a potential new member's information being safe when the browser they're using is telling them the site is "Not Secure". For this to be a paid hosting service and only allowing to use a "wildapricot" subdomain if you want https://…

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security / Privacy  ·  Flag idea as inappropriate…  ·  Admin →
  4. security status of wild apricot

    I am thinking about having this platform independently tested for security before finalizing our transition to WC from our existing platform. Has anyone else done this previously, or can anyone point to some certifications that will give me the sense of security that my members demand?

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security / Privacy  ·  Flag idea as inappropriate…  ·  Admin →
  5. Privacy Policy confirmation needs to be enforceable

    In terms of accessing members-only information, I believe the Confirmation of having read the Privacy Policy, if one is enabled, should be enforced. My understanding is the member can leave this field at No, but it doesn't restrict any access to information. If that is the case, the field provides no tangible functionality, I think as long as the field is set to No, the member needs to be prompted to confirm that they have read the policy upon login attempt. If they are unwilling to confirm, they shouldn't be granted access, This is especially important for access to contact…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security / Privacy  ·  Flag idea as inappropriate…  ·  Admin →
  6. New anti-spam features

    We are getting hammered by Russian spam bots. They are creating new contacts, several a day. We have the re-captcha activated but this isn't enough and the issue is urgent. The spam bots are also pledging huge donations, so if you can make them pay up, then no need to block them in the future!

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security / Privacy  ·  Flag idea as inappropriate…  ·  Admin →
  7. Hide contact list information from admins who just have event creation capability.

    We need to be able to hide the contact information on the contact list from system admin who have just got event creation rights. Member information is hidden but not contact information and those with event creation access have the ability to extract a full contact list. This puts us potentially in breach of the Australian Privacy act as we need to ensure that contact information is restricted.

    Having the ability to extract a list of email addresses etc creates a significant exposure for our members and creates a liability that at the moment we can only manage by not…

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security / Privacy  ·  Flag idea as inappropriate…  ·  Admin →
  8. BankVault's MasterKey

    ASCI would like to add BankVault's MasterKey to our login form.

    It need a small code added to your system; is this possible?

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security / Privacy  ·  Flag idea as inappropriate…  ·  Admin →
  9. On login screen add icon to allow viewing of password. An eye icon is the norm.

    With the number of passwords being used having the option to view the password typed allows for corrections of miss-typed entries. Use of an eye icon to see the type password is becoming common.

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security / Privacy  ·  Flag idea as inappropriate…  ·  Admin →
  10. restrict level viewing

    Is there any way to restrict access to certain membership levels? All of our staff have administrative full access, but we have some confidential information we'd like in our database that not all staff can see.

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security / Privacy  ·  Flag idea as inappropriate…  ·  Admin →
  11. 3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security / Privacy  ·  Flag idea as inappropriate…  ·  Admin →
  12. eu hosting

    It would be awesome to have an EU or UK (or even Canadian) AWS location for hosting to reduce GDPR overhead.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security / Privacy  ·  Flag idea as inappropriate…  ·  Admin →
  13. Password 'have i been pwned' breech check

    Add a feature to check passwords breached from Have I been Pwned before user can submit new password. https://techcrunch.com/2018/02/23/1password-bolts-on-a-pwned-password-check/ https://haveibeenpwned.com/

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security / Privacy  ·  Flag idea as inappropriate…  ·  Admin →
  14. Remove insecure TLS1.0 and TLS1.1 protocols so that websites rating is not downgraded

    TLS1.0 and TLS1.1 are vulnerable. Most browsers don't want them any longer and websites using these protocols will be downgraded beginning Nov 2019. The recommended minimum protocol as from March 2020 for good website rating is TLS1.2 When will WA disable use of the vulnerable protocols and implement only TLS1.2 and higher. The current rating of my website is an A but this will be downgraded to a B soon and by March 2020 even lower unless insecure protocols are removed. Since this is out of my hands I am hoping the removal of the less secure 1.0 and 1.1…

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security / Privacy  ·  Flag idea as inappropriate…  ·  Admin →
  15. Make the captcha optional for the store checkout process

    The "I'm not a robot" Option is embarrassing. I was unable to "choose the images" with cars or "choose the images with signs" since the photos were hard to figure out. I do not want this as part of my website. I received four unfulfilled orders in a row and I believe people escape when they get to this point. I'm quitting the service over this. Its embarrassing. Seeking another service over this minor yet big detail.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security / Privacy  ·  Flag idea as inappropriate…  ·  Admin →
  16. Add the capability to password protect a page area of the website.

    Our organization has the need to sometimes manage sensitive information. We would like to do this electronically on the website. Therefore would like to see a capability added where we could password protect a specific page area.

    9 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security / Privacy  ·  Flag idea as inappropriate…  ·  Admin →
  17. Additional Security for Payment Data

    Can separate security be setup for admins that manage payments within Wild Apricot. Currently, all administrators can change the payment information.

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security / Privacy  ·  Flag idea as inappropriate…  ·  Admin →
  18. set password expiration periods for passwords (30 days, 45 days,etc)

    I would like to have the ability to set password expiration about a certain period (30 days, 45 days). We would force users to change their passwords after a certain period for tighter security.

    7 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security / Privacy  ·  Flag idea as inappropriate…  ·  Admin →
  19. Add audio Captcha

    For the Captcha, we need an alternative to the only method you use. For people that are either color blind or have vision problems, I would like to have an audio captcha available as an option. Can this be instituted?

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security / Privacy  ·  Flag idea as inappropriate…  ·  Admin →
  20. User should be required to change temporary password

    If a temporary password is set by the administrator or is sent to the user, there should be an option to force the initial password to expire when on first use and force the user to set the password.

    15 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security / Privacy  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3
  • Don't see your idea?

Feedback and Knowledge Base