Thanks for the suggestion. I’ve been using a header-hack to ensure that no non-registrees are allowed into the website. I’ve only found https://wordpress.org/extend/plugins/registered-users-only-2/ that’s secure enough for me (all parts of the website). But it isn’t supporting BP 1.2. right now. I’m hoping for a release soon enough although.