Support » Plugin: 2FAS Light - Google Authenticator » Plugin capabilities

  • Resolved Andrei

    (@andrei0luca)


    Hi guys,

    A few questions to make sure I understand 2FAS Light capabilities.

    1) I have users that log in on a custom page.
    They will not be prompted for 2-factor auth, is that correct?

    Only the admin logging in the wordpress default sign in page will be prompted for 2-factor auth, is that correct?

    2) How does “Remember device” work?
    Is it using my IP address?
    What kind of information does it store in order to make it work?

    Thank you,
    Andrei

Viewing 5 replies - 1 through 5 (of 5 total)
  • Andrei

    (@andrei0luca)

    LATER EDIT:

    Only the admin & users logging in the wordpress default sign in page will be prompted for 2-factor auth, is that correct?

    Plugin Author 2FAS

    (@2fas)

    1. Yes that’s correct, at this moment we support only default sing in page, and only there users will be prompted for 2-factor auth.

    2. We use IP and user agent information from browser to recognize user when he use “remember device” and we store this information to DB and Cookie.

    Andrei

    (@andrei0luca)

    1. Actually I did try to sign in as admin on the custom page (not the default sign in page). And it doesn’t sign in: it doesn’t ask for the 6 digits but it wouldn’t sign in either.
    So I guess it also protects the custom page.
    Is that a correct assessment of 2FAS?

    Thank you,
    Andrei

    Plugin Author 2FAS

    (@2fas)

    It would be good if the plugin also ask for the code on the custom pages.
    We have it on our todo list, but we do not know for the moment whether we will do it.

    Andrei

    (@andrei0luca)

    My security priority is to protect the admin sign in, no matter on what page he does that.
    So a good rating from me and good luck with 2FAS Light further development 🙂

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Plugin capabilities’ is closed to new replies.