WordPress Two-Factor Authentication TFA Description
Securing Users Accounts
Two-Factor Authentication Methods
The two-factor authentication (2FA) plugin from CreativeMinds can employ the following authentication methods:
- Google Authenticator – Require secret from Google’s secure app
- Mobile Phone SMS – Send a text message with a one-time key
- Email Code – Send a message with a one-time use code
- Email Link – Send a message with a one-time use link
- Email Code or SMS Code – Let the user a choice between sending a message with a one-time use code via email or SMS
|Setting the Protection Method||The WordPress Two-Factor Authentication plugin also lets the WordPress administrator define which user roles require two-factor login credentials. The admin can of course apply our enhanced security check for all users.|
Limit Logins by Number of IPs and Devices
Collecting Login Statistics
The plugin allows to collect statistics about all logins that were made using 2FA protection on your site.
|The statistics dashboard shows the detailed information about the user, login method, device and browser info, user's IP address, status of the login and login attempt time.||Login Statistics Dashboard|
User and Admin Notifications
Each login protection method has it's own email template for notifying users, either it's a message about creating a GA secret for the user, or SMS & email verifications.
Using One Time Passwords (OTP) and the User Registration Plugin
2FA Plugin Use Cases
WordPress Two-Factor Authentication Plugin Related Use Cases
WordPress Two-Factor Authentication Plugin Additional Resources
2FA-Related Blog Resources
WordPress Two Factor Authentication Features
|Google Authenticator – Require users to enter a unique code generated by their Google Authenticator app. Google uses Time-based One Time Passwords (TOTP) and HMAC-based One Time Passwords (HOTP) to protect your website. Learn more|
|Mobile Phone SMS – Send a SMS to users with the one-time password when they try to log in. The plugin uses the reliable Amazon SMS service (AWS SNS). Learn more|
|Email Verification – Send a unique link to the users’ email each time they try to log in. Learn more|
|Email Code – Send a unique code to the users’ email each time try to log in. Learn more|
|Access by User – Set a different two-factor authentication method for each user|
|Access by Role – Define which user roles need enhanced 2FA. Require an extra layer of security for users who are prone to using a weak or common password|
|IP Limit – Define how many IP address each user role can use to log in. Learn more.|
|Device Number – Choose how many devices each user can use to log in. Learn more.|
|Override Password – Choose users who will only need the secondary authentication method. They won’t require a password|
|Define Expiration – Define the duration of each code sent to the user Once expired, the user will need to generate a new code|
|Customize Notifications – All notifications, including SMS and email templates, can be easily customized|
|External Login Form – Add external login forms using a simple shortcode|
|Statistics – Collect statistics about all login attempts which were made with the enabled protection method|
|Labels – All frontend labels can easily be changed to any language so the user interface will speak your language|
WordPress Two Step Authentication Related Plugins
WordPress Two Factor Authentication Frequently Asked Questions
Does the SMS two factor authentication work in any country?
Does the SMS two factor authentication cost money?
Does the two factor service cost additional money?
How to use the Google Authenticator authentication?
The Google Authenticator app can be downloaded to an iPhone or an Android
It’s a free app. Once installed, you need to do an initial setup and after the setup it will produce a unique code to login to the site. Learn how to use it on Install Google Authenticator – Android – Google Account Help
How can the SMS service send a text if I don't have the user's mobile phone number?
Can I set the 2FA to only work for admin users?
Can each user use a different 2FA method?
Will it work with WooCommerce Form?
Secure Login and Two-Factor Authentication Image Gallery
Customer Reviews for the 2FA Plugin
- Super Secure
No one's data is safe anymore and passwords don't keep websites safe. This plugin is so secure and the extra authentication options are user-friendly and quick, so there are NO HEADACHES with login. Features are A+++.
- My clients are impressed
And they are demanding ;) In all seriousness, no one trusts only passwords anymore. It's good to have a plugin to centralize all 2FA settings, so kudos for the CM team
- Many options
This plugin goes the extra mile by allowing you to set different authentication methods for each user. I'm sold
- Perfect for safety
I added the Google Authenticate 2FA to all users in my site and I feel much safer now!