Skip to content
Two-Factor Authentication for WordPress.
PHP JavaScript CSS
Branch: master
Clone or download

Latest commit

Latest commit 529c973 May 6, 2020

Files

Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
assets Added New Image (#310) Dec 26, 2019
includes fix typos, docs standards (#323) Jan 28, 2020
providers Add email token expiry (#352) May 6, 2020
tests Add email token expiry (#352) May 6, 2020
.coveralls.yml src_dir is no longer used by satooshi/php-coveralls Feb 6, 2016
.distignore Basic deploy tools (#254) Oct 16, 2018
.editorconfig Tooling update (#277) Apr 12, 2019
.gitignore Fix the GitHub repo URL and track Composer deps (#346) Apr 30, 2020
.jscsrc Basic deploy tools (#254) Oct 16, 2018
.jshintignore Add unit test for U2F & Apply Coding Standards Aug 26, 2015
.jshintrc Add .jshintrc Aug 31, 2015
.travis.yml WP core no longer supports older versions of PHP (#320) Jan 11, 2020
Gruntfile.js Basic deploy tools (#254) Oct 16, 2018
LICENSE.md Create LICENSE.md (#313) Jan 8, 2020
class-two-factor-compat.php fix typos, docs standards (#323) Jan 28, 2020
class-two-factor-core.php Allow admins to configure U2F keys for other users (#349) Apr 30, 2020
composer.json Fix the GitHub repo URL and track Composer deps (#346) Apr 30, 2020
composer.lock
package-lock.json Version 0.5.1 (#330) Feb 5, 2020
package.json Version 0.5.1 (#330) Feb 5, 2020
phpcs.xml Disable XML-RPC and REST login by default (#271) Mar 19, 2019
phpunit.xml Disable XML-RPC and REST login by default (#271) Mar 19, 2019
readme.md Release 0.6.0 (#354) May 6, 2020
readme.txt Release 0.6.0 (#354) May 6, 2020
two-factor.php Release 0.6.0 (#354) May 6, 2020
user-edit.css Migrate styles for admin form table to an external stylesheet. Aug 30, 2015

readme.md

Two-Factor

Banner Enable Two-Factor Authentication using time-based one-time passwords (OTP, Google Authenticator), Universal 2nd Factor (FIDO U2F, YubiKey), email and backup verification codes.

Contributors: georgestephanis, valendesigns, stevenkword, extendwings, sgrant, aaroncampbell, johnbillion, stevegrunwell, netweb, kasparsd, alihusnainarshad, passoniate
Tags: two factor, two step, authentication, login, totp, fido u2f, u2f, email, backup codes, 2fa, yubikey
Requires at least: 4.3
Tested up to: 5.4
Stable tag: trunk (master)
Requires PHP: 5.6

Build Status Coverage Status Built with Grunt

Description

Use the "Two-Factor Options" section under "Users" → "Your Profile" to enable and configure one or multiple two-factor authentication providers for your account:

  • Email codes
  • Time Based One-Time Passwords (TOTP)
  • FIDO Universal 2nd Factor (U2F)
  • Backup Codes
  • Dummy Method (only for testing purposes)

For more history, see this post.

Actions & Filters

Here is a list of action and filter hooks provided by the plugin:

  • two_factor_providers filter overrides the available two-factor providers such as email and time-based one-time passwords. Array values are PHP classnames of the two-factor providers.
  • two_factor_enabled_providers_for_user filter overrides the list of two-factor providers enabled for a user. First argument is an array of enabled provider classnames as values, the second argument is the user ID.
  • two_factor_user_authenticated action which receives the logged in WP_User object as the first argument for determining the logged in user right after the authentication workflow.
  • two_factor_token_ttl filter overrides the time interval in seconds that an email token is considered after generation. Accepts the time in seconds as the first argument and the ID of the WP_User object being authenticated.

Screenshots

Two-factor options under User Profile.

Two-factor options under User Profile.

U2F Security Keys section under User Profile.

U2F Security Keys section under User Profile.

Email Code Authentication during WordPress Login.

Email Code Authentication during WordPress Login.

Get Involved

Development happens on GitHub. Join the #core-passwords channel on WordPress Slack (sign up here).

Here is how to get started:

$ git clone https://github.com/wordpress/two-factor.git
$ npm install

Then open a pull request with the suggested changes.

Changelog

See the release history.

You can’t perform that action at this time.