diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index 40093fa..bc2914d 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -22,7 +22,7 @@ jobs: bundler-cache: true - name: Install the latest Rails gem - run: gem install rails -v "7.1.0" + run: gem install rails -v "7.2.1" - name: Install Rubocop run: gem install rubocop rubocop-performance rubocop-minitest rubocop-packaging rubocop-minitest rubocop-rails @@ -65,7 +65,7 @@ jobs: bundler-cache: true - name: Install the latest Rails gem - run: gem install rails -v "7.1.0" + run: gem install rails -v "7.2.1" - name: Install Rubocop run: gem install rubocop rubocop-performance rubocop-minitest rubocop-packaging rubocop-minitest rubocop-rails diff --git a/README.md b/README.md index eb664dd..4f4e038 100644 --- a/README.md +++ b/README.md @@ -45,7 +45,6 @@ Since Authentication Zero generates this code into your application instead of b - Ask password before sensitive data changes, aka: sudo (--sudoable) - Reset the user password and send reset instructions - Reset the user password only from verified emails -- Lock mechanism to prevent email bombing (--lockable) - Rate limiting for your app, 1000 reqs/minute (--ratelimit) - Send e-mail confirmation when your email has been changed - Manage multiple sessions & devices diff --git a/lib/authentication_zero/version.rb b/lib/authentication_zero/version.rb index 1246d68..499273c 100644 --- a/lib/authentication_zero/version.rb +++ b/lib/authentication_zero/version.rb @@ -1,3 +1,3 @@ module AuthenticationZero - VERSION = "4.0.0" + VERSION = "4.0.1" end diff --git a/lib/generators/authentication/authentication_generator.rb b/lib/generators/authentication/authentication_generator.rb index 264e21d..0f5b2fa 100644 --- a/lib/generators/authentication/authentication_generator.rb +++ b/lib/generators/authentication/authentication_generator.rb 
@@ -6,9 +6,8 @@ class AuthenticationGenerator < Rails::Generators::Base class_option :api, type: :boolean, desc: "Generates API authentication" class_option :pwned, type: :boolean, desc: "Add pwned password validation" class_option :sudoable, type: :boolean, desc: "Add password request before sensitive data changes" - class_option :lockable, type: :boolean, desc: "Add password reset locking" class_option :ratelimit, type: :boolean, desc: "Add request rate limiting" - class_option :passwordless, type: :boolean, desc: "Add passwordless sign" + class_option :passwordless, type: :boolean, desc: "Add passwordless sign in" class_option :omniauthable, type: :boolean, desc: "Add social login support" class_option :trackable, type: :boolean, desc: "Add activity log support" class_option :two_factor, type: :boolean, desc: "Add two factor authentication" diff --git a/lib/generators/authentication/templates/controllers/api/identity/password_resets_controller.rb.tt b/lib/generators/authentication/templates/controllers/api/identity/password_resets_controller.rb.tt index 9b3cbe0..f896764 100644 --- a/lib/generators/authentication/templates/controllers/api/identity/password_resets_controller.rb.tt +++ b/lib/generators/authentication/templates/controllers/api/identity/password_resets_controller.rb.tt @@ -1,9 +1,7 @@ class Identity::PasswordResetsController < ApplicationController skip_before_action :authenticate - - <%- if options.lockable? -%> rate_limit to: 10, within: 1.hour, only: :create - <%- end -%> + before_action :set_user, only: :update def edit diff --git a/lib/generators/authentication/templates/controllers/html/identity/password_resets_controller.rb.tt b/lib/generators/authentication/templates/controllers/html/identity/password_resets_controller.rb.tt index e452e0a..5ff703a 100644 --- a/lib/generators/authentication/templates/controllers/html/identity/password_resets_controller.rb.tt 
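Review bot: The now-unconditional `rate_limit to: 10, within: 1.hour, only: :create` in the API `Identity::PasswordResetsController` template relies on the Rails defaults, which key the counter on `request.remote_ip` and keep it in the controller's `cache_store`; the same applies to the HTML password-reset and passwordless templates further down. A generated app that runs with a null or per-process cache store, or behind a proxy that is not configured as trusted, gets a weaker limit than the line suggests. A per-IP counter also does not bound how many reset mails a single address can receive, which is what the removed README line promised. I would add a comment above the line in each template, for example `# Counted per request.remote_ip in the cache store; needs a shared cache and correct trusted-proxy settings in production`. The class body continues outside the hunk.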
+++ b/lib/generators/authentication/templates/controllers/html/identity/password_resets_controller.rb.tt @@ -1,9 +1,7 @@ class Identity::PasswordResetsController < ApplicationController skip_before_action :authenticate - - <%- if options.lockable? -%> rate_limit to: 10, within: 1.hour, only: :create, with: -> { redirect_to root_path, alert: "Try again later" } - <%- end -%> + before_action :set_user, only: %i[ edit update ] def new diff --git a/lib/generators/authentication/templates/controllers/html/sessions/passwordlesses_controller.rb.tt b/lib/generators/authentication/templates/controllers/html/sessions/passwordlesses_controller.rb.tt index 67d72e5..5a54178 100644 --- a/lib/generators/authentication/templates/controllers/html/sessions/passwordlesses_controller.rb.tt +++ b/lib/generators/authentication/templates/controllers/html/sessions/passwordlesses_controller.rb.tt @@ -1,9 +1,7 @@ class Sessions::PasswordlessesController < ApplicationController skip_before_action :authenticate - - <%- if options.lockable? -%> rate_limit to: 10, within: 1.hour, only: :create, with: -> { redirect_to root_path, alert: "Try again later" } - <%- end -%> + before_action :set_user, only: :edit def new
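Review bot: The `with: -> { redirect_to root_path, alert: "Try again later" }` handler in the HTML `Identity::PasswordResetsController` template, and the identical one in `Sessions::PasswordlessesController`, answers a throttled request with an ordinary redirect. Nothing in the status code separates it from normal traffic and, as far as these hunks show, nothing is logged. Since the limiter is now always generated, I would record the event before redirecting so repeated hits can be alerted on, e.g. `with: -> { logger.warn("rate limit hit: #{controller_path}##{action_name} ip=#{request.remote_ip}"); redirect_to root_path, alert: "Try again later" }`. Both class bodies continue outside the hunks.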