Sale off 30% LTD plan, use this coupon: LTD30. Buy now »

Total products: 24,715

Two Factor Authentication

Original price was: $19.00.Current price is: $4.99.

“Two Factor Authentication” (TFA) enhances WordPress security by adding an additional layer of protection beyond passwords. While WordPress typically relies solely on passwords for access, TFA introduces a second factor to verify identity. This plugin employs a widely-used TFA method: generating one-time codes on personal devices like phones or tablets. Unlike methods requiring internet connection or SMS reception, these codes offer offline convenience while bolstering security against unauthorized logins.

Version2.6.4
ChangelogView detail
DocumentationView detail
Updated26/10/2024

Introduce Two Factor Authentication:

Two Factor Authentication Premium

 

“Two Factor Authentication” (TFA) is a tried-and-tested way to secure your WordPress site from unwanted logins.

By default, WordPress is protected only by a password. Once somebody guesses your password, they have all access. “Two Factor” security is about adding a second factor. This plugin uses the most popular implementation of TFA: one-time codes that are shown on your phone/tablet/other device, but which do not require you to be connected to a network (i.e. you don’t need to be online/receiving SMSes, etc.).

Main Feature Two Factor Authentication:

  • Supports standard TOTP + HOTP protocols (and so supports Google Authenticator, Authy, and many others).
  • Displays graphical QR codes for easy scanning into apps on your phone/tablet
  • TFA can be made available on a per-role basis (e.g. available for admins, but not for subscribers)
  • TFA can be turned on or off by each user
  • TFA can be made compulsory for chosen user roles (e.g. for all admins and editors), after a configurable time period to allow them to set it up (e.g. after 7 days)
  • Supports front-end editing of settings – any layout you wish (using standard WordPress shortcodes)
  • Site owners can allow “trusted devices” on which TFA codes are only asked for a chosen number of days (instead of every login); e.g. 30 days
  • Includes native support for the built-in WordPress, WooCommerce, Theme My Login, Elementor, Affiliates-WP, CozmosLabs Profile Builder, Gravity Forms User Registration add-on, Ultimate Member, Ultimate Membership Pro, bbPress and WP Members login forms; also supports any login form at all via appending your TFA code to your password (e.g. works with login forms that don’t follow internal WP conventions)
  • Optional anti-bot protection on WooCommerce login forms, hiding the existence of the form unless JavaScript is active.
  • Does not mention or request second factor until the user has been identified as one with TFA enabled (i.e. nothing is shown to users who do not have it enabled)
  • Encrypt the TFA-generating secret keys using an on-disk encryption key, so that an attacker would need to break into both your WordPress database and your files in order to break TFA codes (as well as breaking a user’s password in order to use them).
  • WP Multisite compatible (plugin should be network activated)
  • Simplified user interface and code base for ease of use and performance
  • Emergency codes for when you lose your phone/tablet
  • Administrators can access other users’ codes, and turn them on/off when needed
  • Translatable – we have a website where you can easily add translations into your own language, if you wish
  • Alert users if someone appears to have found out their password, as indicated by successfully entering a password but repeatedly entering an incorrect TFA code.

Reviews

There are no reviews yet.

Be the first to review “Two Factor Authentication”

Your email address will not be published. Required fields are marked *

Telegram

Get support via Telegram
Contact us