Two Factor Authentication
Secure WordPress login with Two Factor Authentication - supports WP, Woo + other login forms, HOTP, TOTP (Google Authenticator, Authy, etc.)
Overview
Compatibility
Installation instructions
Customer support & learning resources
Changelog
Main benefits
Supports TOTP + HOTP
Graphical QR code display
Per-role TFA availability
Trusted devices option
Encrypts secret keys
About this plugin
Overview
Enhanced Security
- Supports standard TOTP + HOTP protocols, compatible with Google Authenticator, Authy, and many others.
- Encrypts TFA-generating secret keys using an on-disk encryption key, requiring attackers to break into both the WordPress database and files.
- Includes extra security checks and alerts users if someone appears to have found out their password.
User Flexibility
- TFA can be turned on or off by each user and made available on a per-role basis.
- Supports front-end editing of settings via shortcode, allowing users to manage TFA without accessing the WP dashboard.
- Allows site owners to enable 'trusted devices' to reduce the frequency of TFA code requests.
Compatibility with Various Login Forms
- Works with 'Theme My Login', WooCommerce, Affiliates-WP, Ultimate Membership Pro, CozmosLabs Profile Builder, and Ultimate Member login forms.
- Supports Elementor Pro, bbPress, and Gravity Forms User Registration add-on login forms in the Premium version.
- Compatible with any third-party login form in the Premium version without additional coding.
Administrative Control
- Administrators can access and manage other users' TFA codes, turning them on or off as needed.
- TFA can be required for specified user levels after a defined time period, with options to force immediate setup.
- Includes emergency codes for users who lose their phone/tablet in the Premium version.
Features list
Feature
Premium version
Supports standard TOTP + HOTP protocols
Supports standard TOTP and HOTP protocols for two-factor authentication.
Displays graphical QR codes for easy scanning
Displays graphical QR codes to simplify the scanning process.
TFA can be made available on a per-role basis
Two-factor authentication can be enabled based on user roles.
TFA can be turned on or off by each user
Users have the option to enable or disable two-factor authentication.
TFA can be made compulsory for chosen user roles
Two-factor authentication can be mandated for specific user roles.
Supports front-end editing of settings
Allows users to edit settings directly from the front-end.
Allows 'trusted devices' for a chosen number of days
Users can mark devices as trusted for a specified duration.
Includes native support for various login forms
Provides built-in support for multiple types of login forms.
Optional anti-bot protection on WooCommerce login forms
Offers optional anti-bot protection for WooCommerce login forms.
Encrypts TFA-generating secret keys
Ensures that TFA-generating secret keys are encrypted for security.
WP Multisite compatible
Compatible with WordPress Multisite installations.
Simplified user interface and code base
Features a user-friendly interface and streamlined code base.
Emergency codes for when you lose your device
Provides emergency codes for account access if the device is lost.
Administrators can access other users’ codes
Allows administrators to view and manage other users' codes.
Translatable
Supports translation for use in different languages.
Pricing
In some cases companies have different prices based on various components like a location. As a result the prices displayed here can differ from the ones you see on their websites.
See all pricing options