WP 2FA – Two-factor authentication for WordPress

Opis

A FREE & EASY TO USE TWO-FACTOR AUTHENTICATION PLUGIN FOR WORDPRESS

Add an extra layer of security to your WordPress website login page and its users. Enable two-factor authentication (2FA), the best protection against users using weak passwords, and automated password guessing and brute force attacks.

Features | Getting Started | More Info

Use the WP 2FA plugin to enable two-factor authentication for your WordPress administrator user, and to enforce your website users, or some of them to use 2FA. This plugin is very easy to use. It has wizards with clear instructions, so even non technical users can setup 2FA without requiring technical assistance.

Maintained & Supported by WP White Security

WP White Security builds high-quality niche WordPress security & admin plugins such as Password Policy Manager, a plugin with which you can ensure all your users use strong passwords.

Browse our list of WordPress plugins that can help you better manage and improve the security of your WordPress websites and users.

WP 2FA Key plugin features & capabilities

  • Free Two-factor authentication (2FA) for all users
  • Supports TOTP (code from 2FA apps like Google Authenticator and Authy) and OTP (email based codes)
  • Supports 2FA backup codes
  • Very easy to use and wizard driven
  • Use policies to enforce 2FA with a grace period or require your users to instantly setup 2FA upon login
  • Protection against automated password guessing and dictionary attacks

FREE Plugin Support

Support for the WP 2FA plugin is available for free via:

For any other queries, feedback, or if you simply want to get in touch with us please use our contact form.

Related Links and Documentation

From within WordPress

  1. Visit 'Plugins > Add New'
  2. Search for 'WP 2FA'
  3. Install & activate the WP 2FA from your Plugins page.

Manually

  1. Download the plugin from the WordPress plugins repository
  2. Unzip the zip file and upload the wp-2fa folder to the /wp-content/plugins/ directory
  3. Activate the WWP 2FA plugin through the 'Plugins' menu in WordPress

Zrzuty ekranów

  • The first-time install wizard allows you to setup 2FA on your website and for your user within seconds.
  • The wizards make setting up 2FA very easy, so even non technical users can setup 2FA without requiring help.
  • You can require users to enable 2FA and also give them a grace period to do so.
  • Users can also use one-time codes via email as a two-factor authentication method.
  • You can use policies to require users to instantly set up and use 2FA, so the next time they login they will be prompted with this.
  • It is recommended for all users to also generate backup codes, in case they cannot access the primary device.
  • In the user profile users only have a few 2FA options, so it is not confusing for them and everything is self explanatory.
  • The plugin blocks the accounts of users who are required to have 2FA but fail to enable it within the grace period, so they do not jeopardize the security of your website.

Recenzje

4 sierpnia 2021
Hey, I installed WP 2FA. Ok then I did the auto installation - did nothing manual. After that I selected Authy as method. Then I was prompted the first time code, so tooked the code from authy and pressed the button - nothing happened. I tried with 2 other Browser and even another computer - same. Worst thing I was no longer able to visit other tabs in my WordPress, for example to deinstall that worthless plugin. The prompt came all the time it wanted my to enter that first time code - which did not work, just nothing happened. I even tried with 2 other methods from Google and Microsoft, with these authentificators it was the same mess. Only by deleting the directory via FTP I got rid of that most dangerous plugin... My dear that was really a very bad experience.
29 lipca 2021
I have used this plugin for some time. It works well and support is responsive and helpful. The experience says to me that I will be comfortable when buying their pro plugins. Thank you to the team at White Security
29 lipca 2021
Was extremely easy to instal, configure and implement. Done within minutes. Suggesting the addition of 2FA via SMS would enhance this plugin greatly!
23 lipca 2021
I tried "WP 2FA" on 2 staging sites and the only thing I got when trying to log in as an user was a message saying "ERR_TOO_MANY_REDIRECTS". Sometimes I got this error message even when trying to log in as an admin, but I do always got that message when trying to log in as an user. I have no idea about how to solve that. Luckly I tried it on staging sites.
7 czerwca 2021
Very easy to implement, professional user-facing interface, comprehensive set of admin options that are easy to use. I tried several other 2FA plugins, but they either didn't work correctly on multisite, or had limited features, or required a subscription. Thank you for such an excellent plugin!
7 czerwca 2021
This plugin took less than a minute to configure. I already have Google Authenticator on my phone, so I only needed to scan the QR code to add it. It works perfectly.
Przeczytaj 49 recenzji

Kontrybutorzy i deweloperzy

„WP 2FA – Two-factor authentication for WordPress” jest oprogramowaniem open source. Poniższe osoby miały wkład w rozwój wtyczki.

Zaangażowani

Wtyczka “WP 2FA – Two-factor authentication for WordPress” została przetłumaczona na 6 języków. Podziękuj tłumaczom za ich wkład.

Przetłumacz wtyczkę “WP 2FA – Two-factor authentication for WordPress” na swój język.

Interesuje cię rozwój wtyczki?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Log zmian

1.7.0 (2021-07-15)

Release notes: WP 2FA 1.7: Refactored plugin for better performance, design, and reliability

  • Improvements

    • Refactored the plugin (major improvements in terms of product design, performance, & reliability).
    • Refactored the way the plugin saves and retrieves user 2FA properties.
    • Moved plugin and 2FA settings in separate menu (no longer under the Settings section).
    • Added a number of new tags that can be used in the plugin’s email templates.
    • Improved the way and logic of how the plugin works on a multisite network.
    • Improved the handling of users with super admin privileges in the 2FA policies.
    • Implemented a new check, so administrators cannot deselect all of the available 2FA methods.
    • Excluded users/roles setting now only available when 2FA policies are set to „All users” (simplified model)
    • Improved the first-time install wizard (both UX and UI)
    • Improved the user 2FA wizard (both UX and UI)
    • When a user completes the first-time install wizard, the user is redirected to plugin settings.
    • Added the new plugin logo in the wizards etc (refer to this FAQ for more information on how to replace or remove the plugin logo from the wizards).
  • Bug fixes

    • User roles that contain a space can now be excluded.
    • Custom redirection is now honored even after the backup codes setup.

Refer to the complete plugin changelog for more detailed information about what was new, improved and fixed in previous version updates of WP 2FA.