Secure 2FA Wordpress Plugin - Rating, Reviews, Demo & Download

Secure 2FA Preview Wordpress Plugin - Rating, Reviews, Demo & Download

No ratings yet

Free

Follow for free plugins, new theme releases and theme news

Plugin Description

Secure 2FA adds an extra layer of security to your WordPress login process by enabling 2FA via several authentication methods.

Features

Free two-factor authentication (2FA) plugin
Multiple authentication methods: One-time password (OTP), Yubico OTP (YubiKey), Email OTP, and WhatsApp OTP
Customizable OTP configurations: Expiration time, retries, and more
Role-based enforcement: Require 2FA for all or specific roles while excluding others
Supports WordPress Multisite and single-site installations
Activity log tracking: Monitor authentication attempts and security events
Rate limiting: Prevent brute-force attacks by limiting OTP requests per user
Backup recovery codes: Allow users to regain access if they lose their primary 2FA method
Automatic log cleanup: Enable or disable automatic deletion of old activity logs with configurable schedules
UI control: Manage the visibility of the “Configure 2FA” option in the sidebar, admin toolbar, and user list

Time-based One-Time Password 2FA Method

Compatible with diifrent authotcitors apps susch as Google Authenticator and Duo etc.
Generates QR codes during 2FA setup.
Supports manual setup keys.

WhatsApp 2FA Method

This method leverages Meta’s official API to send OTPs via WhatsApp authentication template. It supports the following features:

Set a default template language.
Support multiple template languages based on the user’s UI language (templates must match WhatsApp requirements).
Define a base country for phone numbers when configuring 2FA.
Restrict phone number selection by specifying an allowed countries list.
Enable IP address lookup to detect the user’s country during 2FA setup.
Allow or prevent multiple users from using the same phone number.
Set custom phone number regex patterns to enforce specific formatting rules.

Email OTP 2FA Method

Allow or disallow users to enter a different email when configuring email as a two-factor authentication method.
Specify a custom email address from which OTPs will be sent.
Customize email languages, subject lines, and message content based on supported languages.

Yubico OTP 2FA Method

Yubico OTP is a secure and convenient authentication method supported by all YubiKeys out of the box. It provides an additional layer of security as a second-factor authentication option.

Requirements

WordPress 6.0 or newer.
PHP version 7.4 or newer.

External Library and Services Usage

The plugin utilizes the intl-tel-input library to provide phone number formatting functionality.
The plugin integrates with Meta’s WhatsApp Business API, which is subject to Meta’s Terms of Service and pricing policies. You may need to subscribe to a third-party WhatsApp API method or a Meta-approved Business Solution Provider to use this service. For details, visit Meta’s WhatsApp Business API documentation.
The plugin integrates with the Yubico OTP API. It securely sends the user’s one-time password (OTP) to Yubico’s verification service to authenticate login attempts. Review Yubico’s Terms & Conditions and Privacy Notice for more details.