Description
Email OTP Login adds an additional layer of security to your WordPress site by requiring users to verify an OTP sent to their email after entering their username and password. This ensures that only users with access to the registered email can log in.
Features:
- Email OTP verification during login.
- OTP expires in 5 minutes (configurable).
- OTP stored securely using WordPress password hashing.
- Works with the default WordPress login form.
- Uses WordPress built-in
wp_mail()function (works with SMTP plugins).
This plugin does not modify WordPress core files.
License
This plugin is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 2 or later.
This plugin is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Screenshots
Standard login screen with OTP verification page. 
Example email received with OTP. 
OTP verification form after login.
Installation
- Upload the plugin folder
email-otp-loginto the/wp-content/plugins/directory. - Activate the plugin through the ‘Plugins’ menu in WordPress.
- Ensure your site can send emails (install a plugin like “WP Mail SMTP” if needed).
- Test by logging in or registering a new account.
- After entering credentials, an OTP will be emailed.
- Enter the OTP to complete login.
FAQ
-
Does this replace my existing password?
-
No. Users must enter their normal username/password first, then OTP.
-
What happens if the OTP email does not arrive?
-
Make sure your site can send emails. We recommend configuring an SMTP plugin for reliable email delivery.
-
Can I change OTP expiration time?
-
Yes. In the plugin class,
$otp_expirationcontrols OTP lifetime (default 300 seconds = 5 minutes). -
Can I use this with WooCommerce login?
-
This version is built for native WordPress login. In next release, I will add WooCommerce support.
-
Is OTP stored securely?
-
Yes. OTP is stored using the same mechanism WordPress uses for user passwords.
Reviews
There are no reviews for this plugin.
Contributors & Developers
“Email OTP Login” is open source software. The following people have contributed to this plugin.
Contributors
Translate “Email OTP Login” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
Changelog
1.0.0
- Initial release with OTP verification for login.