Skip to content
  • Log In
  • Register
WordPress.org
  • News
  • Download & Extend
    • Get WordPress
    • Themes
    • Patterns
    • Plugins
    • Openverse
    • Mobile
    • Hosting
  • Learn
    • Learn WordPress
    • Documentation
    • Forums
    • WordPress.tv
    • Developers
  • Community
    • Make WordPress
    • WordCamp
    • Meetups
    • Photo Directory
    • Job Board
    • Five for the Future
  • About
    • About WordPress
    • Showcase
    • Gutenberg
    • Enterprise
  • Get WordPress
Get WordPress

Plugins

  • My Favorites
  • Beta Testing
  • Developers
Download

Two-Factor

By Plugin Contributors
  • Details
  • Reviews
  • Development
Support

Description

Use the “Two-Factor Options” section under “Users” → “Your Profile” to enable and configure one or multiple two-factor authentication providers for your account:

  • Email codes
  • Time Based One-Time Passwords (TOTP)
  • FIDO Universal 2nd Factor (U2F)
  • Backup Codes
  • Dummy Method (only for testing purposes)

For more history, see this post.

Actions & Filters

Here is a list of action and filter hooks provided by the plugin:

  • two_factor_providers filter overrides the available two-factor providers such as email and time-based one-time passwords. Array values are PHP classnames of the two-factor providers.
  • two_factor_enabled_providers_for_user filter overrides the list of two-factor providers enabled for a user. First argument is an array of enabled provider classnames as values, the second argument is the user ID.
  • two_factor_user_authenticated action which receives the logged in WP_User object as the first argument for determining the logged in user right after the authentication workflow.
  • two_factor_token_ttl filter overrides the time interval in seconds that an email token is considered after generation. Accepts the time in seconds as the first argument and the ID of the WP_User object being authenticated.

Get Involved

Development happens on GitHub.

Screenshots

  • Two-factor options under User Profile.
  • U2F Security Keys section under User Profile.
  • Email Code Authentication during WordPress Login.

Reviews

My go-to plugin for 2FA!

Timi Wahalahti January 24, 2023
Works flawlessly! Easy UI for users to setup their 2FA, does not need much configuration if at all. And what I appericiate, does just one thing and does it good - instead of being packed with multiple more or less related functionalities.

Compact and works perfectly!

atkulp December 6, 2022
This is a great plugin to enable something Wordpress should probably offer out of the box. With all the hits I see trying to login to my site, I feel safer knowing I have two-factor enabled! My only request would be to be able to set a cookie to trust a given browser longer so I don't need to reauthenticate as often on my main laptop.

Great plugin

Luis December 6, 2022
The best to increase the security of your WordPress.

Good Plugin

melvinhinds November 8, 2022
Good Plugin. Best for security

HOTP longer with characters and letters

alejandro2m September 20, 2022
I love HOTP. I wish they made it longer and added characters and letters in between. I read they can hack the 2FA app six digits in less than a day. With these add-ons, it would take years. Many thanks

Wow nice plugin

arafatamin July 18, 2022
Wow nice plugin
Read all 157 reviews

Contributors & Developers

“Two-Factor” is open source software. The following people have contributed to this plugin.

Contributors
  • George Stephanis
  • Derek Herman
  • Steven Word
  • Daisuke Takahashi
  • Scott Grant
  • Aaron D. Campbell
  • John Blackbourn
  • Steve Grunwell
  • Stephen Edgar
  • Kaspars
  • Ali Husnain
  • Arslan Kalwar

“Two-Factor” has been translated into 32 locales. Thank you to the translators for their contributions.

Translate “Two-Factor” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

See the release history.

Community Plugin

Contribute

This plugin is developed and supported by a community.

Meta

  • Version: 0.7.3
  • Last updated: 4 months ago
  • Active installations: 50,000+
  • WordPress Version: 4.3 or higher
  • Tested up to: 6.0.3
  • PHP Version: 5.6 or higher
  • Languages:

    Albanian, Arabic, Catalan, Chinese (China), Chinese (Hong Kong), Chinese (Taiwan), Czech, Danish, Dutch, Dutch (Belgium), English (Canada), English (UK), English (US), Finnish, French (Canada), French (France), Galician, German, Italian, Japanese, Norwegian (Bokmål), Persian, Polish, Russian, Slovak, Spanish (Colombia), Spanish (Ecuador), Spanish (Mexico), Spanish (Spain), Spanish (Venezuela), Swedish, Urdu, and Vietnamese.

    Translate into your language

  • Tags:
    authenticationlogintotptwo factortwo step
  • Advanced View

Ratings

See all
  • 5 stars 138
  • 4 stars 11
  • 3 stars 0
  • 2 stars 2
  • 1 star 6
Log in to submit a review.

Contributors

  • George Stephanis
  • Derek Herman
  • Steven Word
  • Daisuke Takahashi
  • Scott Grant
  • Aaron D. Campbell
  • John Blackbourn
  • Steve Grunwell
  • Stephen Edgar
  • Kaspars
  • Ali Husnain
  • Arslan Kalwar

Support

Issues resolved in last two months:

0 out of 3

View support forum

  • About
  • News
  • Hosting
  • Donate
  • Swag
  • Documentation
  • Developers
  • Get Involved
  • Learn
  • Showcase
  • Plugins
  • Themes
  • Patterns
  • WordCamp
  • WordPress.TV
  • BuddyPress
  • bbPress
  • WordPress.com
  • Matt
  • Privacy
  • Public Code
WordPress.org
WordPress.org
  • Visit our Facebook page
  • Visit our Twitter account
  • Visit our Instagram account
  • Visit our LinkedIn account
Code is Poetry