WordPress.org

Ready to get started?Download WordPress

Forums

Google Authenticator
[resolved] Feature Request - Separate From Username/Password Area (6 posts)

  1. bamajr
    Member
    Posted 1 year ago #

    I know there is a similar topic at http://wordpress.org/support/topic/feature-request-ask-for-code-on-second-page but I felt this was enough of a difference to post a separate request.

    The biggest issue I have with this plugin, is in how it negates the stored usernames/passwords from working. I allow Safari to save my Username/Password, for each of my WordPress websites. When the new OS X Mavericks comes out, these passwords will be part of those sync'ed over iCloud, for use on all my other devices. I do not want Safari to stop auto-populating the Username/Password, but I still want to be asked for the Google Authenticator Code.

    In addition, this plugin renders the WordPress iOS app, completely useless. When this plugin is installed, WordPress iOS cannot connect to the website. I know it is it's own app, but I'm assuming the issue could be resolved by separating the Username/Password screen from the Google Authenticator screen. Ultimately, I want to use the Google Authenticator on the iOS app, as well.

    http://wordpress.org/extend/plugins/google-authenticator/

  2. Henrik Schack
    Member
    Plugin Author

    Posted 1 year ago #

    Regarding your iOS app, did you read this FAQ entry :

    Can I use Google Authenticator for WordPress with the Android/iPhone apps for WordPress?

    Yes, you can enable the App password feature to make that possible, but notice that the XMLRPC interface isn't protected by two-factor authentication, only a long password.

    Best regards
    Henrik Schack

  3. bamajr
    Member
    Posted 1 year ago #

    Yes, I did read it. I'm saying my access, via the iOS WordPress app, should be protected by the two-factor authentication, instead of a long password.

    I'm also saying that the two-factor authentication should be a secondary step, on a second screen, after the username/password screen, just like when you use any of the Google services.

    I want the ability to store my usernames/passwords, but secure the websites, by forcing two-factor authentication. I do not want to be forced to remember the username/password for the web interface nor the username/long-password for the WordPress iOS interface.

  4. Henrik Schack
    Member
    Plugin Author

    Posted 1 year ago #

    I'm not the on programming the iOS app, I don't think there is any way I can fix that.

    Best regards
    Henrik Schack

  5. Ian Dunn
    Member
    Posted 7 months ago #

    I just released a new plugin to separate the token prompt from the username/password screen. It runs alongside Google Authenticator and modifies the login workflow so that only users with 2FA enabled are prompted.

    It's available at http://wordpress.org/plugins/google-authenticator-per-user-prompt/

  6. Henrik Schack
    Member
    Plugin Author

    Posted 6 months ago #

    I may have found a smart way of doing this with risking to break down everything during upgrades, I'll be testing in near future.

    Best regards
    Henrik Schack

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic