Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/sjinks/wp-two-factor-auth

Secure WordPress login with two factor authentication
https://github.com/sjinks/wp-two-factor-auth

2fa otp security wordpress wordpress-plugin

Last synced: about 2 months ago
JSON representation

Secure WordPress login with two factor authentication

Host: GitHub
URL: https://github.com/sjinks/wp-two-factor-auth
Owner: sjinks
License: mit
Created: 2018-03-24T08:26:30.000Z (over 6 years ago)
Default Branch: master
Last Pushed: 2024-04-24T01:19:02.000Z (5 months ago)
Last Synced: 2024-04-24T03:16:53.302Z (5 months ago)
Topics: 2fa, otp, security, wordpress, wordpress-plugin
Language: PHP
Size: 1.84 MB
Stars: 7
Watchers: 3
Forks: 7
Open Issues: 4
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# wp-two-factor-auth

[![CI](https://github.com/sjinks/wp-two-factor-auth/actions/workflows/build.yaml/badge.svg)](https://github.com/sjinks/wp-two-factor-auth/actions/workflows/build.yaml)

## Description

This plugin allows you to secure your WordPress login with two factor authentication.
The users will have to enter a one time password every time they log in.

## Why You Need This

Users can have common or weak passwords, and this lets hackers and bots brute force their passwords and get access to their account.
If the site is protected with a similar plugin, an intruder cannot get access to the account even if they know the password:
this is where the second factor comes into play: to log in, they need to know the one time password.

## How Does It Work?

This plugin uses the industry standard [Time](http://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm) or [Hash](http://en.wikipedia.org/wiki/HMAC-based_One-time_Password_Algorithm)
based One-time Password Algorithm to generate one time passwords.

One time passwords generated by the plugin can either be delivered by email, or be shown by third party applications (such as Google Authenticator).
Because third party applications have to be configured first (you need to scan a QR code or enter some details manually), by default
one time passwords are delivered by email.

## System Requirements

* PHP 7.2 or newer
* OpenSSL extension

## Installation

At the moment, only installation via [Composer](https://getcomposer.org/) is supported.

To install the plugin, please run

```
composer require wildwolf/wp-two-factor-auth
```

in your WordPress root directory. The, please go to the Dashboard > Plugins, and activate the plugin.