Description
Plugin FAQs for this particular plugin can be read here. FAQs which apply to all our commercial plugins can be read here.
Screenshots
The user is asked for their one-time password, after successfully entering their username and password on the WP login form:
This is what the user sees if they enter their pass-code wrongly:
The user is asked for their one-time password, after successfully entering their username and password on the WooCommerce login form:
This is what the user sees if they enter their pass-code wrongly:
This screen is of the user editing their two-factor settings in the WP dashboard:
The user’s settings can also be made available to edit on the front-end, via a shortcode:
Site-wide settings for the plugin:
Setting policy to require TFA:
Trusted devices:
Emergency codes:
Adjusting other users’ TFA codes as an administrator:
Designing your own page for users, using shortcodes:
Short-codes
The following short-codes are available:
twofactor_user_settings : This short-code will display the whole user configuration. Use this to allow your users to get/set their TFA settings. Alternatively, to design the page yourself, you can use the individual short-codes, following:
twofactor_user_settings_enabled : Display the option to turn TFA on or off.
twofactor_user_qrcode : Display the user’s QR code for scanning.
twofactor_user_emergencycodes : Display the user’s emergency codes.
twofactor_user_advancedsettings : Display the user’s advanced settings (e.g. selecting TOTP or HOTP).
twofactor_user_privatekeys : Display the user’s private keys. Use the ‘type’ parameter, with values ‘full’ (default), ‘plain’, ‘base32’ or ‘base64’ to control exactly what is displayed.
twofactor_user_privatekeys_reset : Display a link for the user to reset (change) their private key.
twofactor_user_currentcode : Display the current TFA code.
twofactor_user_presstorefresh : Wrap this shortcode around any HTML that you want to cause the current TFA code (displayed by the twofactor_user_currentcode shortcode) to refresh when clicked.
twofactor_conditional : Wrap this shortcode around any content that you wish to be displayed only if the condition is met. The condition is specified by the “onlyif” parameter, with valid values: active, inactive, available, unavailable. The content will be shown depending on whether the user has TFA available (i.e. the administrator has allowed it for their user level)/activated. You can use this, for example, to display notices to your users to suggest that they activate TFA, or to remind them that it is available, etc.