WordPress.org

Ready to get started?Download WordPress

Forums

Google Authenticator
Great Plugin (12 posts)

5 stars
  1. 344kellogg
    Member
    Posted 5 months ago #

    Works exactly as advertised.

  2. Henrik Schack
    Member
    Plugin Author

    Posted 5 months ago #

    Hi
    Honestly, no clue.
    Do you have access to your webservers logfiles,
    I guess they can provide some debug information

    best regards
    Henrik Schack

  3. 344kellogg
    Member
    Posted 5 months ago #

    I use Code Guard to backup my sites. If I do a full site restore to yesterday would that overwrite anything I added today (including the Google Authenticator plugin)?

  4. Henrik Schack
    Member
    Plugin Author

    Posted 5 months ago #

    Yes, but a simpler solution would be to use ftp to remove the google-authenticator folder

    best regards
    Henrik Schack

  5. 344kellogg
    Member
    Posted 5 months ago #

    Oh ok. I'll do that. Thanks.

  6. Henrik Schack
    Member
    Plugin Author

    Posted 5 months ago #

    I would really like to dig into this, would you care to email me a list of your active plugins?
    and if you can get your hands on some logfiles that would also be helpful.

    I can be reached at: henrik at schack dot dk

    Br Henrik Schack

  7. 344kellogg
    Member
    Posted 5 months ago #

    I got it working. Thanks for the help though. It was my fault...I didn't read the instructions carefully enough! Everything is up and running. It works great.

  8. Henrik Schack
    Member
    Plugin Author

    Posted 5 months ago #

    Great :-)

  9. 344kellogg
    Member
    Posted 5 months ago #

    I have a question. Is gaining access to someone's username/password the biggest threat to the security of a WordPress site? Or are there other, equally, vulnerable areas? I'm trying to understand security better. For example, a couple years ago, I had one of my WordPress sites hacked somehow and a bunch of PHP code injections were added to multiple files. It was a nightmare. But I don't think they got in through my username/password (at least that's what I was told by Rackspace who I was hosting with at the time).

  10. Henrik Schack
    Member
    Plugin Author

    Posted 5 months ago #

    May I ask what went wrong ? Would like to avoid 2 star reviews if it's something I can prevent in the plugin :-)

    Best regards
    Henrik Schack

  11. Henrik Schack
    Member
    Plugin Author

    Posted 5 months ago #

    Hi
    Access to username/password is a problem.
    A lot of WordPress installations have the default username "admin" active, so actually you only have to guess the password, in such a case two factor authentication could increase security a great deal.
    There are a few plugins available that can fix some of this stuff, ie rename the admin user rename the default table names etc.

    Always keeping your WordPress installation and plugins up2date with the latest versions is also very important, everyone makes mistakes from time to time that needs fixing.

    A different approach could be to use an application firewall, Naxsi for the nginx webserver looks nice, but I haven't tried it myself
    https://www.owasp.org/index.php/OWASP_NAXSI_Project

    Best regards
    Henrik Schack

  12. 344kellogg
    Member
    Posted 5 months ago #

    Thanks for the info.

Reply

You must log in to post.

About this Plugin

About this Topic

Tags

No tags yet.