This plugin allows you to secure your WordPress login with two factor authentication. The users will have to enter a one time password every time they log in.
Users can have common or weak passwords, and this lets hackers and bots brute force their passwords and get access to their account. If the site is protected with a similar plugin, an intruder cannot get access to the account even if they know the password: this is where the second factor comes into play: to log in, they need to know the one time password.
This plugin uses the industry standard Time or Hash based One-time Password Algorithm to generate one time passwords.
One time passwords generated by the plugin can either be delivered by email, or be shown by third party applications (such as Google Authenticator). Because third party applications have to be configured first (you need to scan a QR code or enter some details manually), by default one time passwords are delivered by email.
- PHP 7.2 or newer
- OpenSSL extension
At the moment, only installation via Composer is supported.
To install the plugin, please run
composer require wildwolf/wp-two-factor-auth
in your WordPress root directory. The, please go to the Dashboard > Plugins, and activate the plugin.