Skip to toolbar
  • About WordPress
    • About WordPress
    • WordPress.org
    • Documentation
    • Support
    • Feedback
  • Log In
  • Register
Skip to content

WordPress.org

Sardu

  • Home
  • Blog
  • Plugins
  • Themes
  • About

Plugins

  • My Favorites
  • Beta Testing
  • Developers
Download

Two-Factor

By Plugin Contributors
  • Details
  • Reviews
  • Support
  • Development

Description

Use the “Two-Factor Options” section under “Users” → “Your Profile” to enable and configure one or multiple two-factor authentication providers for your account:

  • Email codes
  • Time Based One-Time Passwords (TOTP)
  • FIDO Universal 2nd Factor (U2F)
  • Backup Codes
  • Dummy Method (only for testing purposes)

For more history, see this post.

Actions & Filters

Here is a list of action and filter hooks provided by the plugin:

  • two_factor_providers filter overrides the available two-factor providers such as email and time-based one-time passwords. Array values are PHP classnames of the two-factor providers.
  • two_factor_enabled_providers_for_user filter overrides the list of two-factor providers enabled for a user. First argument is an array of enabled provider classnames as values, the second argument is the user ID.
  • two_factor_user_authenticated action which receives the logged in WP_User object as the first argument for determining the logged in user right after the authentication workflow.
  • two_factor_token_ttl filter overrides the time interval in seconds that an email token is considered after generation. Accepts the time in seconds as the first argument and the ID of the WP_User object being authenticated.

Get Involved

Development happens on GitHub. Join the #core-passwords channel on WordPress Slack (sign up here).

Here is how to get started:

$ git clone https://github.com/wordpress/two-factor.git
$ npm install

Then open a pull request with the suggested changes.

Screenshots

  • Two-factor options under User Profile.
  • U2F Security Keys section under User Profile.
  • Email Code Authentication during WordPress Login.

Reviews

Terrific Improvement For Yubikey Users!

doublefile23 May 31, 2020
This plugin is a terrific improvement for WordPress Yubikey users. Two other plugins seem to be abandoned and deprecated. I experienced lots of grief with them when they failed. I like the fact that there are backup codes available in case there is a problem with the Yubikey. I recently had a support issue that was resolved fairly quickly on this forum. I had not re-registered the Yubikey in the plugin settings after migrating from a development site to a production site. I could not log in to the WP dashboard. I had to re-name the plugin file in cPanel to access the dashboard. I made a support request on this forum and the plugin developer diagnosed the problem. He gave me a clear set of instructions to resolve the problem. By re-registering the Yubikey, I was able to clear up the problem in a few minutes. Satisfaction!

Can’t log in to my website

adexios May 30, 2020
One star because I can't log in to my website and it won't send me the code. Going to see if there's some way to uninstall it...

good plugin

marktrenton May 12, 2020
very good and useful plugin

Great Security System

paulsovai4 May 9, 2020
It's always good to have a double control on what you do.

Better stay safe

tudorsucalu May 3, 2020
Nothing to complain

Error

wandaturnage April 9, 2020
Tired of it always crashing
Read all 112 reviews

Contributors & Developers

“Two-Factor” is open source software. The following people have contributed to this plugin.

Contributors
  • George Stephanis
  • Derek Herman
  • Steven Word
  • Daisuke Takahashi
  • Scott Grant
  • Aaron D. Campbell
  • John Blackbourn
  • Steve Grunwell
  • Stephen Edgar
  • Kaspars
  • Ali H. Arshad
  • Arslan Ahmed

“Two-Factor” has been translated into 21 locales. Thank you to the translators for their contributions.

Translate “Two-Factor” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

See the release history.

Meta

  • Version: 0.6.0
  • Last updated: 4 weeks ago
  • Active installations: 10,000+
  • WordPress Version: 4.3 or higher
  • Tested up to: 5.4.1
  • PHP Version: 5.6 or higher
  • Languages:

    Albanian, Chinese (China), Chinese (Hong Kong), Chinese (Taiwan), Czech, Danish, English (Canada), English (UK), English (US), Finnish, Galician, German, Japanese, Norwegian (Bokmål), Polish, Russian, Spanish (Mexico), Spanish (Spain), Spanish (Venezuela), Swedish, Urdu, and Vietnamese.

    Translate into your language

  • Tags:
    authenticationlogintotptwo factortwo step
  • Advanced View

Ratings

See all
  • 5 stars 102
  • 4 stars 6
  • 3 stars 1
  • 2 stars 1
  • 1 star 2
Log in to submit a review.

Contributors

  • George Stephanis
  • Derek Herman
  • Steven Word
  • Daisuke Takahashi
  • Scott Grant
  • Aaron D. Campbell
  • John Blackbourn
  • Steve Grunwell
  • Stephen Edgar
  • Kaspars
  • Ali H. Arshad
  • Arslan Ahmed

Support

Issues resolved in last two months:

8 out of 9

View support forum

  • About
  • Blog
  • Hosting
  • Donate
  • Support
  • Developers
  • Get Involved
  • Showcase
  • Plugins
  • Themes
  • WordCamp
  • WordPress.TV
  • BuddyPress
  • bbPress
  • WordPress.com
  • Matt
  • Privacy
  • Public Code
  • @WordPress
  • WordPress

Code is Poetry.