Select one or more tags, then press “Search Plugins”

Find Plugin with any / all of the selected criteria
Search Plugin

Brightery Secure 2FA Wordpress Plugin - Rating, Reviews, Demo & Download

Brightery Secure 2FA Wordpress Plugin - Rating, Reviews, Demo & Download
No ratings yet
Free
Follow for free plugins, new theme releases and theme news

Plugin Description

Brightery Secure 2FA adds a strong second login step for WordPress accounts while staying lightweight in runtime.

Features:

  • Authenticator app (TOTP) support.
  • Passkeys / WebAuthn support for Touch ID, Face ID, Windows Hello, fingerprint readers, and device PIN.
  • Role-based enforcement: require selected user groups to enroll.
  • Forced enrollment page to block protected users until they configure security.
  • Backup codes.
  • Encrypted TOTP secret storage using WordPress salts.
  • Login throttling for repeated primary-login and second-factor failures.
  • Lightweight audit logs stored inside WordPress options.
  • Email alerts for enrollment changes and lockouts.
  • Trusted devices so users can skip 2FA on approved browsers for a limited period.
  • CSV export for security logs.
  • Advanced log filters and search.
  • Custom labels for trusted devices and passkeys.
  • Optional revocation of other sessions after security changes.
  • Optional blocking of WordPress application passwords for protected / 2FA-enabled users.
  • Lightweight runtime: the plugin mostly runs on login, profile, AJAX, settings pages, WooCommerce account pages, and authenticated REST requests.

Important Notes

  • HTTPS is required for passkeys in production.
  • This build is optimized for normal interactive WordPress logins and admin access enforcement.
  • Passkey attestation trust-chain validation is intentionally not enforced in order to remain lightweight and dependency-free.
    The plugin still validates challenge, origin, RP ID hash, user presence, optional user verification, signature, and signature counter.
  • This lightweight build supports ES256 passkeys.
  • TOTP setup includes a local QR-code renderer so the setup secret stays on your own WordPress site during enrollment.
  • The plugin stores account-security data such as trusted-device records, passkey metadata, security logs, and a limited recent login-context history.
  • A privacy-policy suggestion plus WordPress personal-data exporter and eraser integrations are included.
  • There are no non-GPL third-party runtime libraries bundled with this plugin;
    the distributed JavaScript and CSS files are included as human-readable source.

Security Model

  • TOTP secrets are encrypted before storing in user meta.
  • Backup codes are stored hashed.
  • Passkeys verify origin, RP ID hash, challenge, signature, and signature counter.
  • Rate limiting helps slow repeated login and 2FA guessing attempts.
  • The plugin can require passkey user verification for biometric/PIN-backed sign-in.

Privacy

Brightery Secure 2FA stores security-related account data so it can protect logins and help administrators investigate suspicious access.
The plugin adds suggested privacy-policy text to WordPress and registers personal-data exporter/eraser callbacks for the data it stores.

Source Code and Licensing

  • All distributed plugin PHP, JS, and CSS files are included as human-readable source.
  • The local QR renderer is bundled directly in assets/js/bs2fa-qr.js as readable source code.
  • No non-GPL runtime libraries are required for normal plugin operation.

Screenshots

No screenshots provided

Similar Plugins:

Brightery Facebook Business Scraper For Wordpress Rating Widget: Post Rating, 5 Star Rating, Reviews, Thumbs Up & Down, Reaction Secure 2FA

Reviews & Comments