Google Authenticator
Great for security (3 posts)

  1. mampf
    Posted 3 years ago #

    Just giving 4 stars, because of:
    * undocumented feature "use app password" - what does it do??
    * I'd prefer a 2nd login page for the time based password, so unauthenticaed users dont see you're using this plugin.

    Otherwise it is an excellent plugin which greatly enhances your security. Very much recommended!

  2. The "App Password" is needed if you use a mobile application like the WordPress for Android or iPhone.

    In 2-factor authentication, you use your normal password and the numeric password from the device. However, if you use the mobile applications, they have no way to input that second password. So using the plugin will, by default, make those mobile application logins fail.

    Google 2-factor authentication supports setting up a password on a per-application basis. You can go to your google accounts screen and create those passwords, then copy them down somewhere and use them to login for apps that don't support the 2nd factor. In this case, you would enable the app password, create an app password specifically for mobile use on your blog, and then copy it in this field.

    Doing this effectively disables the 2-factor authentication for the mobile device apps like WordPress for Android and iPhone (or anything using XMLRPC, in fact). However, if you later want to cut off all access via that route, you can just go to Google accounts and immediately invalidate that password, and thus the mobile apps will be cut off. So this is still slightly more secure by giving you that cutoff point.

  3. mampf
    Posted 3 years ago #

    I see. I know these application specific passwors. I just got confused by "app password" instead of "application specific password".

    Now it's clear to me - thanks!

Topic Closed

This topic has been closed to new replies.

About this Plugin

  • Google Authenticator
  • Frequently Asked Questions
  • Support Threads
  • Reviews

About this Topic


No tags yet.