Plugin Directory

Test out the new Plugin Directory and let us know what you think.
!This plugin hasn’t been updated in over 2 years. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.

Second Factor

Require secondary authentication for registered user access

This plugin prevents logged in users from doing anything on your wordpress.org blog until they have verified their second factor of authentication. The process goes like this:

  1. A user logs into your blog.
    • Behind the scenes a bunch of cryptographic stuff happens and a key is generated and attached to that user. The key is overwritten with a new one every single time they log in. This key is emailed to that user (via the email address the user is registered under.)
  2. The user gets the email with the code.
  3. The user then enters the code at the page which is now presented to them when they are trying to access your blog
    • Behind the scenes the token is checked for validity, and a cookie is added to the users session. They are now allowed access to your blog. If the key changes (the user logs out, or is required to log in again) the cookie that they may have been using will no longer be valid and they will be asked to enter the new one that they get via email.

Requires: 3.0.1 or higher
Compatible up to: 3.1.4
Last Updated: 6 years ago
Active Installs: Less than 10


0 out of 5 stars


Got something to say? Need help?


Not enough data

0 people say it works.
0 people say it's broken.