Use the “Two-Factor Options” section under “Users” → “Your Profile” to enable and configure one or multiple two-factor authentication providers for your account:
- Email codes
- Time Based One-Time Passwords (TOTP)
- FIDO Universal 2nd Factor (U2F)
- Backup Codes
- Dummy Method (only for testing purposes)
For more history, see this post.
Actions & Filters
Here is a list of action and filter hooks provided by the plugin:
two_factor_providersfilter overrides the available two-factor providers such as email and time-based one-time passwords. Array values are PHP classnames of the two-factor providers.
two_factor_enabled_providers_for_userfilter overrides the list of two-factor providers enabled for a user. First argument is an array of enabled provider classnames as values, the second argument is the user ID.
two_factor_user_authenticatedaction which receives the logged in
WP_Userobject as the first argument for determining the logged in user right after the authentication workflow.
two_factor_token_ttlfilter overrides the time interval in seconds that an email token is considered after generation. Accepts the time in seconds as the first argument and the ID of the
WP_Userobject being authenticated.
How can I send feedback or get help with a bug?
The best place to report bugs, feature suggestions, or any other (non-security) feedback is at the Two Factor GitHub issues page. Before submitting a new issue, please search the existing issues to check if someone else has reported the same feedback.
Where can I report security bugs?
The plugin contributors and WordPress community take security bugs seriously. We appreciate your efforts to responsibly disclose your findings, and will make every effort to acknowledge your contributions.
To report a security issue, please visit the WordPress HackerOne program.
Contributors & Developers
“Two-Factor” is open source software. The following people have contributed to this plugin.Contributors
See the release history.