I have some suggestions
an optional configurable timer that will log you out automatically after x amount of activity.
an optional configurable option to prevent logins for x amount of minutes when a password is entered wrong 3-5 times. (To help against defend against attacks in the future) and maybe even editing the htaccess file to deny the ip if it happens more than x amount of times in x amount of time
or maybe some kind of log that can track the failed attempts of logins from the ip ( i have a nice webRTC iplogger script that could help with this and it can capture ip addresses even sometimes the real ip address when some people use vpn/proxy it can also capture the internal network ip addresses in some cases as well)
A username and password system that would let us add a second editor if necessary (rather it be manually or with a wizard) (doing this could add some security because then someone trying to say brute force would need to know a username and the password)
Maybe a button that will let the person purge sitecakes “cache” so if changes are made to the code the editor shows the new changes without having to go in and delete sitecake-temp and sitecake-backup directories.