I´ve seen some discussion around also this topic about it, but there still seems to be no way to do it. matt said that “maybe” changing htaccess would work, but I could not find a way for it to work. So if anyone has any info regarding that, it´d be greatly appreciated.
On the one hand users have to have an option to optout, on the other I do not want to rely on the login safety alone, but have it protected additionally by htaccess.