The simple \"2FA Security\" settings page in the admin dashboard.<\/p>","2":"
The QR code and activation step.<\/p>","3":"
The post-activation screen, showing the one-time backup codes.<\/p>","4":"
The separate 2FA verification screen that appears after a successful password login.<\/p>"},"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[9211,710,602,600,9217],"plugin_category":[38,54],"plugin_contributors":[251998],"plugin_business_model":[],"class_list":["post-260150","plugin","type-plugin","status-publish","hentry","plugin_tags-2fa","plugin_tags-authentication","plugin_tags-login","plugin_tags-security","plugin_tags-two-factor","plugin_category-authentication","plugin_category-security-and-spam-protection","plugin_contributors-usamashahadat","plugin_committers-usamashahadat"],"banners":{"banner":"https:\/\/ps.w.org\/usama-simple-2fa-authenticator\/assets\/banner-772x250.png?rev=3415711","banner_2x":"https:\/\/ps.w.org\/usama-simple-2fa-authenticator\/assets\/banner-1544x500.png?rev=3415711","banner_rtl":false,"banner_2x_rtl":false},"icons":{"svg":"https:\/\/ps.w.org\/usama-simple-2fa-authenticator\/assets\/icon.svg?rev=3415711","icon":"https:\/\/ps.w.org\/usama-simple-2fa-authenticator\/assets\/icon.svg?rev=3415711","icon_2x":false,"generated":false},"screenshots":[{"src":"https:\/\/ps.w.org\/usama-simple-2fa-authenticator\/assets\/Screenshot-1.PNG?rev=3415711","caption":"
The simple \"2FA Security\" settings page in the admin dashboard.<\/p>"},{"src":"https:\/\/ps.w.org\/usama-simple-2fa-authenticator\/assets\/Screenshot-2.PNG?rev=3415711","caption":"
The QR code and activation step.<\/p>"},{"src":"https:\/\/ps.w.org\/usama-simple-2fa-authenticator\/assets\/Screenshot-3.PNG?rev=3415711","caption":"
The post-activation screen, showing the one-time backup codes.<\/p>"},{"src":"https:\/\/ps.w.org\/usama-simple-2fa-authenticator\/assets\/Screenshot-4.PNG?rev=3415711","caption":"
The separate 2FA verification screen that appears after a successful password login.<\/p>"}],"raw_content":"\n
This plugin enhances the security of your WordPress website by adding a simple but effective two-factor authentication (2FA) screen after a successful password login.<\/p>\n\n
Instead of adding fields to the main login page (which can cause conflicts), this plugin waits until a user has correctly entered their username and password. Then, it intercepts the login and presents them with a clean, separate screen to enter their 6-digit code from an authenticator app (like Google Authenticator, Authy, etc.).<\/p>\n\n
This method is more secure, more compatible, and provides a smoother user experience.<\/p>\n\n
Features:<\/p>\n\n
Secure Post-Login Verification: 2FA check happens on a separate screen, after the password is correct.<\/p>\n\n
Easy Setup: A simple \"Usama 2FA\" menu page for each user to scan a QR code and activate 2FA.<\/p>\n\n
Backup Codes: On activation, 10 one-time-use backup codes are generated in case you lose your phone.<\/p>\n\n
Regenerate Codes: You can generate new backup codes at any time from the settings page.<\/p>\n\n
Lightweight & Simple: No bloat. Just the essential 2FA features.<\/p>\n\n
Per-User: 2FA is enabled on a per-user basis. Administrators cannot control 2FA for other users.<\/p>\n\n
This plugin connects to a third-party API to generate the QR codes used during setup.<\/p>\n\n
Service: goqr.me API (https:\/\/www.google.com\/search?q=api.qrserver.com)<\/p>\n\n
Usage: Used only once during setup to generate a QR code image that users scan with their authenticator app.<\/p>\n\n
Data Sent: The API receives the user's email address and the generated secret key (inside the OTPAuth URL) to create the image. This data is not stored by the service.<\/p>\n\n
Provider: Foundata GmbH<\/p>\n\n
Terms of Use: Terms of Use<\/p>\n\n
Privacy Policy: Privacy Policy<\/p>\n\n\n
From your WordPress Dashboard (Recommended):<\/p>\n\n
Navigate to Plugins > Add New.<\/p>\n\n
In the search bar, type \"Usama Simple 2FA Authenticator\".<\/p>\n\n
Click \"Install Now\" on the plugin.<\/p>\n\n
Click \"Activate\".<\/p>\n\n
Once activated, a new \"2FA Security\" menu will appear in your admin sidebar. Click on it to set up your 2FA.<\/p>\n\n
Manual Installation (from .zip):<\/p>\n\n
Download the plugin .zip file.<\/p>\n\n
Navigate to Plugins > Add New in your WordPress dashboard.<\/p>\n\n
Click the \"Upload Plugin\" button at the top of the page.<\/p>\n\n
Select the .zip file you downloaded and click \"Install Now\".<\/p>\n\n
Click \"Activate\".<\/p>\n\n
Go to the \"2FA Security\" menu in your sidebar to set up.<\/p>\n\n\n
What authenticator apps does this work with?<\/p>\n\n
This plugin uses the standard TOTP (Time-based One-Time Password) algorithm. It works perfectly with:<\/p>\n\n
Google Authenticator<\/p>\n\n
Authy<\/p>\n\n
Microsoft Authenticator<\/p>\n\n
1Password<\/p>\n\n
LastPass Authenticator<\/p>\n\n
...and any other standard TOTP app.<\/p>\n\n
What happens if I lose my phone?<\/p>\n\n
When you first activate 2FA, the plugin provides you with 10 one-time-use backup codes. You must save these in a secure place (like a password manager or a printed document). If you lose your phone, you can use one of these backup codes in place of the 6-digit authenticator code to log in.<\/p>\n\n
How do I get new backup codes?<\/p>\n\n
Go to the \"2FA Security\" page in your admin dashboard. You will see an option to \"Generate New Backup Codes\". This will invalidate all of your old codes and create a new set for you.<\/p>\n\n
Is this plugin secure?<\/p>\n\n
Yes. Your secret key is stored securely in your user's metadata, and the login check uses a separate, temporary key (a \"transient\") to manage the post-login verification step. All codes are checked using standard, secure cryptographic methods.<\/p>\n\n\n
Initial public release.<\/p>\n\n
Added post-login 2FA verification screen.<\/p>\n\n
Added user-specific admin menu for 2FA setup.<\/p>\n\n
Implemented QR code and manual key setup.<\/p>\n\n
Implemented backup code generation and verification.<\/p>","raw_excerpt":"A simple, secure 2FA plugin that adds a verification screen after login, requiring a code from your authenticator app.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/260150","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=260150"}],"author":[{"embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/usamashahadat"}],"wp:attachment":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=260150"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=260150"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=260150"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=260150"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=260150"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=260150"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}