Description
Features | Setup Guide | Documentation | Integrations | Contact Us
### A POWERFUL & FREE TO USE 2FA PLUGIN
Secure your WordPress login by adding a security layer i.e. two-factor authentication (2FA) or two-step authentication.
Install the Two-Factor Authentication (2FA) plugin to protect your website from unauthorized access. Google Authenticator – Two Factor Authentication (2FA) is the most feature-rich and reliable 2FA solution. You can also check out our Two-Factor Authentication landing page to know more. Two-Step Authentication secures your website against various threats like brute force attacks, dictionary attacks, and automated password guessing.
For further information or any inquiries, feel free to reach out to us at 2fasupport@xecurify.com
### KEY FEATURES AND CAPABILITIES
Two-Fator Authentication plugin supports all the TOTP (Time-Based One-Time Password) Authenticator Apps.
TOTP (Time-Based One-Time Password) is a type of two-factor authentication (2FA) mechanism that generates a temporary, unique password based on the current time. It is widely used to enhance security by requiring not only a username and password but also a time-sensitive code that changes every 30 seconds (usually).
Below are TOTP (Time-Based One-Time Password) Authenticator apps of Two-factor authentication provided by our plugin:
- Google Authenticator
- Microsoft Authenticator
- LastPass Authenticator
- Duo Authenticator
- Authy 2-Factor Authenticator
- FreeOTP Authenticator
-
Okta Verify and many other Two-Factor Authenticator apps.
In TOTP (Time-Based One-Time Password) Authenticator methods of WordPress 2FA (WP 2FA) plugin, you get a 2FA code on the authenticator app to verify yourself during WordPress Login.
Check out the following video to configure Google authenticator as your 2FA method:
Two Factor Authenticator – WordPress 2FA (WP 2FA) plugin provides multiple 2FA methods to setup two-step authentication. One of the popular being Google Authenticator.
Our setup wizard guides you through the setup process. It makes the WordPress 2FA (WP 2FA) plugin setup so easy that a person with no technical knowledge can configure 2FA in no time and setup any two-step authentication method of your choice.
- Two-Factor Authentication – 2FA for all user roles
- Two-Factor Authentication (2FA) or Two-Step Authentication Methods:
- Login with 2FA using Authenticator Apps
- OTP Over Email/2FA code Over email/OTP login via Email
- OTP Over SMS/2FA code Over SMS/OTP login via SMS
- Email Verification via link
- OTP over Telegram
- Security Questions
- Set 2FA method of any user from their profiles
- Users can log in with any configured 2FA or two-step authentication methods
- Grace Period for users to configure 2FA or two-step authentication
- 2FA – two-step authentication is supported on popular login forms
- 2FA – two-step authentication supported on popular checkout/registration forms
- 2FA for a lifetime for up to 3 users
- Login using backup codes in case you are locked out
-
Language Translation Support for French, Spanish, Italian, German, and many other languages
If you have questions or need more details, contact us at 2fasupport@xecurify.com.
PREMIUM FEATURES AVAILABLE ON UPGRADE
-
Two-Factor Authentication (2FA) for all users and user roles on your website
- Unlimited Email transactions for email-based 2FA
- Set different 2FA or two-step authentication policies for different user roles
- Enable/disable Two-Factor Authentication (2FA) or Two-Step Authentication for specific Users/User Roles
- Login with backup 2FA methods: – KBA (Security Questions), OTP login using Email, and Backup codes
- Redirect users to a custom URL after 2FA
- Customize account name shown in 2FA Authenticator apps
- Set custom security questions
- Force Two-factor authentication or two-step authentication for users
- Send email notification to users asking them to set up Two-Factor Authentication (2FA) or two-step authentication
- Remember device to skip 2FA or two-step authentication on trusted devices
- Customize 2FA login pop-ups according to your website’s theme
- 2FA supported on multisite network for up to 3 subsites
- Login with 2FA – two-step authentication using Hardware Token
- Sync WP 2FA for multiple websites
- Customize email notifications, and 2FA login pop-ups and use your own branding logo
- Shortcodes available to add enable/disable 2FA checkbox and reconfigure 2FA panel on user’s account page
- Restrict the number of simultaneous sessions of a user
- Passwordless login – Login without password using 2FA
- 2FA – two-step authentication for popular login forms like User Pro, Login with Ajax, Theme My Login, etc.
User Identity Verification with the Two Factor Authentication (2FA) or WordPress 2FA (WP 2FA) plugin
2FA on Login and Registration: Verify users on login with different TOTP login methods & other 2FA/OTP login methods like OTP login using SMS, OTP login using Email, OTP over Telegram, Google Authenticator, Email Verification, Authy Authenticator, Duo Authenticator, Microsoft Authenticator and many others. Two-factor authentication on registration can be done via either of the OTP login methods (OTP authentication using Email or via OTP authentication using SMS).
Plugin Integrations and Support for all two-factor authentication (2FA) or two-step authentication methods
Two Factor Authentication – WordPress 2FA plugin is compatible with popular plugins such as:-
- WooCommerce
- Ultimate member
- Buddy Press
- Elementor Pro
- Login With Ajax and many more.
- User Registration
- Restrict Content Pro
- Login Press
- Registration Magic
- Admin Custom Login
- Theme My Login
- Profile Builder
Third-Party Custom SMS Gateway for OTP Over SMS – OTP Login via SMS
The premium Two Factor Authentication – WordPress 2FA (WP 2FA) plugin support any third-party SMS Gateway for OTP login via SMS method. If you don’t have your SMS gateway you can use the miniOrange gateway and send SMS in OTP Over SMS authentication.
Famous SMS gateways supported by Two Factor Authentication – WordPress 2FA plugin.
Test your gateway
Why do you need to register with miniOrange in the Two Factor Authentication plugin or miniOrange Google Authenticator?
Two Factor Authentication or WordPress 2FA (WP 2FA) plugin uses miniOrange APIs to communicate between your WP site and miniOrange IDP. To keep this communication secure, we ask you to register and assign API keys specific to your account. This way your account and users’ calls can be accessed only by API keys assigned to you.
However, you can use most of the 2FA methods without registration. You must register yourself to use the OTP Over SMS or OTP login via SMS method.
Useful blog posts about two-factor authentication or WordPress 2FA plugin
- Beginner’s Guide: How to Add Two-Factor Authentication to WordPress
- How to Add Two-Factor Authentication i.e, WordPress 2FA using Google Authenticator
- How to translate WordPress Two-Factor Authentication – WP 2FA
- Simple method to add Two-Factor Authentication in WordPress
- WordPress two-factor authentication – How to Setup 2FA
-
Customized solutions and active support for the miniOrange Google Authenticator or Two Factor Authentication(2FA) plugin are available. Email us at info@xecurify.com or call us at +1 9786589387.
Screenshots
Installation
From your WordPress dashboard
- Navigate to
Plugins > Add New
from your WP Admin dashboard. - Search for
miniOrange 2 Factor Authentication - 2FA
orGoogle Authenticator.
- Install
miniOrange 2 Factor Authentication - 2FA
and activate the plugin.
From WordPress.org
- Search for
miniOrange 2 Factor Authentication - 2FA
and download it. - Unzip and upload the
miniorange-2-factor-authentication - 2FA
directory to your/wp-content/plugins/
directory. -
Activate miniOrange 2 Factor Authentication – 2FA from the Plugins tab of your admin dashboard.
Video Guide :
FAQ
-
How do I gain access to my website if I get locked out using the Google Authenticator – 2FA plugin?
-
You can obtain access to your website by one of the below options:
- If you have an additional administrator account whose Two-Factor or 2FA is not enabled yet, you can log in with it.
- If you had set up KBA questions as 2FA earlier, you can use them as an alternate method to log in to your website instead of the configured 2FA method.
-
Rename the plugin from FTP – this disables the Two Factor Authentication – WordPress 2FA (WP 2FA) plugin and you will be able to log in without 2FA.
For detailed information, please check on our website. Locked Out.
You can also check our video tutorial:
-
How do I enable Google Authenticator 2 Factor Authentication – 2FA as the backup method?
-
You can use Google Authenticator as the backup method for your users by enabling the «Login with any configured 2FA method» or «Multi-factor Authentication» in the miniOrange two-factor authentication – 2FA plugin settings. [PREMIUM FEATURE]
-
I have enabled Two Factor Authentication (2FA) or Two-step Authentication for all users, what happens if an end-user tries to log in but has not yet registered?
-
If a user has not set up Two Factor yet, the user will be prompted for 2FA registration on the first login.
-
How can I enable only one authentication method for my users?
-
You can select the specific two-factor authentication(2FA) or two-step authentication methods under the Login Settings tab. Only the selected authentication methods will be shown to the user during inline registration for example if you select Google Authenticator or any specific 2FA methods, only they will be shown on login. [PREMIUM FEATURE]
-
How can I make the look and feel of custom/front-end login page on my site to remain the same when I add 2-factor authentication?
-
If you have a custom login form other than wp-login.php then you can configure 2FA on your login form from the Login Form settings in the miniOrange Two Factor Authentication(2FA) plugin dashboard. We are not claiming that it will work with all the custom login pages. In such a case, custom work is needed to integrate two-factor with your customized login page. You can submit a query in our Support Section in the plugin or you can contact us at info@xecurify.com for more details.
-
What should I do if I face any issues while logging in with the minniOrange Two Factor Authentication plugin or if there is a conflict with any other plugin?
-
Our Two Factor Authentication plugin is compatible with most popular plugins, but if it is not working for you, please submit a query in our Support Section in the plugin or contact us at info@xecurify.com.
-
I am using a render-blocking javascript and CSS plugin – Async JS and CSS Plugin and I am not able to log in with Two-Factor and the screen goes blank. What should I do?
-
If you are using Async JS and CSS Plugin. Please go to its settings add jQuery to the list of exceptions and save settings. It will work. If you are still not able to get it right, Please submit a query in our Support Section in the plugin or you can contact us at info@xecurify.com.
-
I am upgrading my phone. What should I do to shift 2FA to my new phone?
-
You should go to 2FA For Me Tab and click on Reconfigure to reconfigure 2 Factor with your new phone.
Reviews
Contributors & Developers
“Google Authenticator – WordPress 2FA, OTP SMS and Email” is open source software. The following people have contributed to this plugin.
ContributorsTranslate “Google Authenticator – WordPress 2FA, OTP SMS and Email” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
Changelog
6.0.5
- Updated Button CSS
- Updated Custom Logo Branding on 2FA Popup Settings UI
- General CSS Improvements
- 2FA Pricing Page Removed
6.0.4
- Improvement – Updated Login Transaction Report UX
- 2FA Pricing Plan updates
6.0.3
- Bug Fixes – Google Authentication CSS-JS loading issue in login
6.0.2
- Setup Wizard flow changes.
- Bug Fix in Setup Wizard flow.
6.0.1
- Bug fixes for UI/UX plugin release
6.0.0
- Updated UI/UX of the plugin dashboard
- Added configuration for customizations of all email notifications White Labelling > Email Templates
- Added 2FA reconfiguration link over email as a backup method
- Added Cusotm Redirect URL after login feature
- Extended grace period functionality
- Removed miniOrange Authenticator 2FA method
- Removed DUO Authenticator 2FA method
- Shifted Google Authenticator Custom App name to White Labelling > 2FA Customizations
5.8.4
- Updated jquery jquery.dataTables.min.js version to the latest version
- Bug fixes- Getting error on user account creation on WooCommerce
5.8.3
- Compatibility with WordPress 6.5
- Fixed redirection issue on activation with WordPress 6.5
- Changed refund Policy link
- Updated miniOrange portal links
5.8.2
- Bug Fix- Log out the users when the grace period is enabled
- Improvement- Added SMTP checks for email verification authentication
- Improvement- Updated UX for Email Verification method
- Fixed- Warnings in the error logs
5.8.1
- Bug Fix- Show backup codes to users after configuring Email Verification
- Updated UI for Google Authenticator user configuration screens
- Updated UI of Setup Wizard
5.8
- Bug fix- 2FA method was getting updated when updating a user on the user-edit page
- Updated UI for OTP over SMS, OTP over Email and OTP over Telegram configuration screens
- Added Email Verification authentication method
5.7.5
- Compatibility with WordPress 6.4
5.7.4
- Bug fix- Keep end users’ 2FA configuration when the plugin is deactivated
- Bug fix- Attempts left for the OTP-based methods
- Bug fix- Display App Key for Google authenticator in 2FA inline registration
5.7.3
- Bug fixes for registration forms
- Compatibility with WordPress 6.3
5.7.2
- Updated flow of 2FA on registration form
- Minor bug fixes
5.7.1
- Bug fix – Users will be able to configure/reconfigure and reset cloud methods
- Bug fix – SMS Transactions will be credited when customers register in the plugin
- Bug fix – Fixed Email Transaction sync issue
- Added Resend OTP Button in case of OTP Over SMS, OTP over Telegram, OTP over Email methods
- Improvement – Enforced reconfiguration of the alternate method after login with backup code
- Feature Improvement – The 2FA prompt will be visible in case of TOTP method has not been set for the admin
- Updated plugin dashboard UI – Added My Account tab for miniOrange User Account
5.7.0
- Code Improvements according to WPCS
- Feature Improvement – Added role-based checks for login through new IP
- Improvement – Error handling for account creation
5.6.6
- Google Authenticator – Two-factor Authentication – 2FA, OTP :
- Bug fix – redirection issue for users in a Multisite environment
- Improvements – Removed External links from Google Authenticator
- Improvements – Mobile responsiveness of setup wizard
- Improvement for SMS/Email verification on the PaidMembership Proform
- Updated Pricing plan according to new use cases
- Updated Add SMS notification/button check
- Updated feedback form
- Advertised OTP over WhatsApp
5.6.5
- Google Authenticator – Two-factor Authentication – 2FA, OTP :
- Bug fix – Save template for notifications on email
- Bug fix – Error in SMS authentication setup through plugin dashboard
- Updated Network Security removal notice message
5.6.4
- Google Authenticator – Two-factor Authentication – 2FA, OTP :
- Bug fix – headers already sent in messages.php
5.6.3
- Google Authenticator – Two-factor Authentication – 2FA, OTP :
- Skip-2 factor option removed from the inline setup
- Backup code button will always be shown
- Added login form and theme fields in the trial request form
- CSS-JS version added for all scripts and styles respectively
- Autofocus for many input fields and submit the form when Enter is hit
5.6.2
- Google Authenticator – Two-factor Authentication – 2FA, OTP :
- Vulnerability fixes
- Removed Network Security for new users
- Updated Pricing page UI
5.6.1
- Google Authenticator – Two-factor Authentication 2FA, OTP :
- Bug fix- Headers already sent
-
Added SMTP check for sending backup codes on 2fa prompt
For older changelog entries, please see the additional changelog.txt file provided with the plugin.