If you are not familiar with short-codes, then many guides can be found using a search engine, for example this one.
The following short-codes are available:
twofactor_user_settings : This short-code will display the whole user configuration. Use this to allow your users to get/set their TFA settings. Alternatively, to design the page yourself, you can use the individual short-codes, following:
twofactor_user_settings_enabled : Display the option to turn TFA on or off. If you supply the parameter style=”require_current” then the user will have to enter the current code correctly to be allowed to activate TFA.
twofactor_user_qrcode : Display the user’s QR code for scanning.
twofactor_user_emergencycodes : Display the user’s emergency codes.
twofactor_user_advancedsettings : Display the user’s advanced settings (e.g. selecting TOTP or HOTP).
twofactor_user_privatekeys : Display the user’s private keys. Use the ‘type’ parameter, with values ‘full’ (default), ‘plain’, ‘base32’ or ‘base64’ to control exactly what is displayed.
twofactor_user_privatekeys_reset : Display a link for the user to reset (change) their private key.
twofactor_user_currentcode : Display the current TFA code.
twofactor_user_presstorefresh : Wrap this shortcode around any HTML that you want to cause the current TFA code (displayed by the twofactor_user_currentcode shortcode) to refresh when clicked. i.e. Use both an opening and closing shortcode tag; and whatever you put inside will cause an update if the user clicks on it. Example:
twofactor_conditional : Wrap this shortcode around any content that you wish to be displayed only if the condition is met. The condition is specified by the “onlyif” parameter, with valid values: active, inactive, available, unavailable. The content will be shown depending on whether the user has TFA available (i.e. the administrator has allowed it for their user level)/activated. You can use this, for example, to display notices to your users to suggest that they activate TFA, or to remind them that it is available, etc.
Here are a couple of screenshots of examples of using these shortcodes. In the first, the site owner is using the WordPress page editor to design his own TFA-setup page for users, using short-codes:
In the second is an example of the twofactor_conditional shortcode (make sure that you do not have anything cacheing a page it is used on):
Posted in: Two Factor Authentication