WordPress Auth using Google Authenticator is a simple plugin which allows authorization with Google Authenticator tokens. Very easy to install and configure.
Plugin’s Official Site
WordPress Auth using Google Authenticator by XLT (http://xlt.pl/googleauth.html)
Login to WordPress admin panel, go to ‘Plugins’, next click ‘Add New’, choose ‘Upload’, click ‘Browse’ and find a xlt-totp-auth.zip and next click ‘Upload Now’
If plugin is installed, remember to activate it.
Go to Settings >> XLT TOTP Auth and check if “Token authorization enabled” is checked.
Go to Users >> Your profile and scroll to the bottom of page and find XLT TOTP Auth section.
Check “Enabled TOTP Auth”. “Secret code” will appear. Click “Generate new” and wait for new secret code. After generation click “Update profile”.
Scan QR Code in your Google Authenticator application or enter “Secret code for Google Authenticator” code manually. You should also write this code in safe place. If you reinstall Google Authenticator software or loose your phone you will not be able to login.
Next time on login screen “Google Authenticator token” field will appear. Enter your login, password and generated code and login. If user has not enabled “TOTP Auth” just leave this field empty.
- What should I do if I lost my phone or reinstall Google Authenticator?
Probably the best way is to delete plugin folder using FTP or any file manager. After that plugin will not work.
I wanted a plugin where I could enable two-factor auth for all users, then email them their key. That way, I can be sure no users are able to login without 2 factor.
This was the only plugin I found that allowed me to do this – I must have tried 7 or 8 others.
Contributors & Developers
“Google Authenticator by XLT” is open source software. The following people have contributed to this plugin.
Interested in development?
18/01/2014 – v1.0