描述

前往 [使用者]→[個人資料] 中的 [兩步驟驗證選項]，便能為網站帳號啟用及設定一或多個兩步驟驗證方式：

透過電子郵件傳送驗證碼
TOTP 驗證碼 (Time Based One-Time Passwords，以時間為基礎、最通用的演算法)
FIDO U2F 安全金鑰 (Universal 2nd Factor，通用第二因素)
備用驗證碼
測試模式 (僅供測試目的使用)

如需進一步瞭解這個外掛的開發沿革，請參閱這篇文章。

Actions & Filters

Here is a list of action and filter hooks provided by the plugin:

two_factor_providers filter overrides the available two-factor providers such as email and time-based one-time passwords. Array values are PHP classnames of the two-factor providers.
two_factor_enabled_providers_for_user filter overrides the list of two-factor providers enabled for a user. First argument is an array of enabled provider classnames as values, the second argument is the user ID.
two_factor_user_authenticated action which receives the logged in WP_User object as the first argument for determining the logged in user right after the authentication workflow.
two_factor_token_ttl filter overrides the time interval in seconds that an email token is considered after generation. Accepts the time in seconds as the first argument and the ID of the WP_User object being authenticated.

參與其中

Development happens on GitHub. Join the #core-passwords channel on WordPress Slack (sign up here).

以下是如何開始：

$ git clone https://github.com/wordpress/two-factor.git
$ npm install

然後打開拉取請求提供你建議的變更。

螢幕截圖

[個人資料] 頁面中的 [兩步驟驗證選項]
[個人資料] 頁面中的 U2F 安全金鑰設定
Email Code Authentication during WordPress Login.

評價

marverix 2021年2月27日

Works like a charm out of the box. My Yubikey worked immediately. Zero issues.

xintv123 2021年2月27日

I want to select Google Authenticator for the first time to enable the plug-in, but the QR code image given by the plug-in cannot be loaded. I can only set it through the key. After the Google authentication is set up, although the back-end can log in normally, the front-end is because I used it. The api login method causes the api login to be disabled. I hope that the next version can add an option to automatically open the api login when the backend is logged in. Finally, I have to say that the setting options in the personal data are not displayed perfectly on the mobile terminal. It is almost messy, which makes me uncomfortable. Hope the next version can improve the above problems

Pierre LeBaux 2021年1月29日

Works as advertised, clean and reasonably maintained.

iamxk 2021年1月19日

二步认证或者在中国用短信认证来得方便。但国外真的很喜欢用谷歌那套。

bolhachefe 2020年12月7日

This is a great plugin and is the only one I know of that provides two authentication factors per email code.

fergofer00 2020年12月4日

I have been using this plugin for a long time. Now that Safari 14 is the fastest browser, I have noticed that the Fido U2F functionality of this plugin does not work. I don't know if it is a problem with Safari, or the plugin. I hope it will work again soon.

閱讀全部129個評價