描述
前往 [使用者]→[個人資料] 中的 [兩步驟驗證選項],便能為網站帳號啟用及設定一或多個兩步驟驗證方式:
- 透過電子郵件傳送驗證碼
- TOTP 驗證碼 (Time Based One-Time Passwords,以時間為基礎、最通用的演算法)
- FIDO U2F 安全金鑰 (Universal 2nd Factor,通用第二因素)
- 備用驗證碼
- 測試模式 (僅供測試目的使用)
如需進一步瞭解這個外掛的開發沿革,請參閱這篇文章。
Actions & Filters
Here is a list of action and filter hooks provided by the plugin:
two_factor_providersfilter overrides the available two-factor providers such as email and time-based one-time passwords. Array values are PHP classnames of the two-factor providers.two_factor_enabled_providers_for_userfilter overrides the list of two-factor providers enabled for a user. First argument is an array of enabled provider classnames as values, the second argument is the user ID.two_factor_user_authenticatedaction which receives the logged inWP_Userobject as the first argument for determining the logged in user right after the authentication workflow.two_factor_token_ttlfilter overrides the time interval in seconds that an email token is considered after generation. Accepts the time in seconds as the first argument and the ID of theWP_Userobject being authenticated.
參與其中
Development happens on GitHub. Join the #core-passwords channel on WordPress Slack (sign up here).
以下是如何開始:
$ git clone https://github.com/wordpress/two-factor.git
$ npm install
然後打開拉取請求提供你建議的變更。
螢幕截圖
[個人資料] 頁面中的 [兩步驟驗證選項] 
[個人資料] 頁面中的 U2F 安全金鑰設定 
Email Code Authentication during WordPress Login.
評價
2020年10月30日
This plugin works with an authenticator app, but the security key feature is defective. Message to support elicited no reply, leading one to wonder whether this plugin is still being actively developed.
2020年10月29日
I really love this plugin. And the best thing is that unlike some other plugins that don't work with custom login pages or membership plugins, it works without any effort! Thanks to all the collaborators who have put their time and effort!
2020年10月14日
FIDO U2F support is very nice!
2020年10月13日
If you value your security - this is a no-brainer.
2020年9月26日
Love it! Thank you!
2020年9月19日
This plugin is working great and was incredibly easy to set up. Excellent work. This is a hugely important project for the entire WordPress community. Thank you!
2Factor is a security standard that everyone should use. With WordPress being used on 30% of websites, having this in WordPress core would be a huge security win for an enormous chunk of the internet.
For some, its existence in core may be their first introduction to 2Factor, which is a huge opportunity to not only be more secure, but to educate people.
Having it in core would also allow for a standard to be set, and for login flows from plugins to utilize 2factor in a reliable way (think logging in over Headless, or though a WooCommerce login-form on a receipt page, etc).
I'm 100% on team lets-get-this-in-core.
貢獻者及開發者
“Two-Factor” 是一個開源的軟體。以下的人對這個外掛作出了貢獻。
貢獻者
修改日誌
檢視發佈記錄。