描述

前往 [使用者]→[個人資料] 中的 [兩步驟驗證選項]，便能為網站帳號啟用及設定一或多個兩步驟驗證方式：

透過電子郵件傳送驗證碼
TOTP 驗證碼 (Time Based One-Time Passwords，以時間為基礎、最通用的演算法)
FIDO U2F 安全金鑰 (Universal 2nd Factor，通用第二因素)
備用驗證碼
測試模式 (僅供測試目的使用)

如需進一步瞭解這個外掛的開發沿革，請參閱這篇文章。

Actions & Filters

Here is a list of action and filter hooks provided by the plugin:

two_factor_providers filter overrides the available two-factor providers such as email and time-based one-time passwords. Array values are PHP classnames of the two-factor providers.
two_factor_providers_for_user filter overrides the available two-factor providers for a specific user. Array values are instances of provider classes and the user object WP_User is available as the second argument.
two_factor_enabled_providers_for_user filter overrides the list of two-factor providers enabled for a user. First argument is an array of enabled provider classnames as values, the second argument is the user ID.
two_factor_user_authenticated action which receives the logged in WP_User object as the first argument for determining the logged in user right after the authentication workflow.
two_factor_email_token_ttl filter overrides the time interval in seconds that an email token is considered after generation. Accepts the time in seconds as the first argument and the ID of the WP_User object being authenticated.
two_factor_email_token_length filter overrides the default 8 character count for email tokens.
two_factor_backup_code_length filter overrides the default 8 character count for backup codes. Providers the WP_User of the associated user as the second argument.

螢幕截圖

[個人資料] 頁面中的 [兩步驟驗證選項]
[個人資料] 頁面中的 U2F 安全金鑰設定
Email Code Authentication during WordPress Login.

常見問題

How can I send feedback or get help with a bug?

The best place to report bugs, feature suggestions, or any other (non-security) feedback is at the Two Factor GitHub issues page. Before submitting a new issue, please search the existing issues to check if someone else has reported the same feedback.

Where can I report security bugs?

The plugin contributors and WordPress community take security bugs seriously. We appreciate your efforts to responsibly disclose your findings, and will make every effort to acknowledge your contributions.

To report a security issue, please visit the WordPress HackerOne program.

評價

shawfactor 2025年4月20日

Not super complicated, just works

carljkeller 2025年2月16日

I use it for the security of my WordPress admin panel and it’s really nice. I just wish it was available as a text message via phone, that would be great.

shaunek 2025年1月10日

This plugin adds 2FA to Wordpress. It defaults to sending a code to the email address associated to the user, but it is possible for the user to configure for backup codes or authenticator app as well. We have been using this plugin for a couple of years. I definitely appreciate the fact that is maintained by open source contributors, although that does mean that at times bug fixes can be a little slow to be published. I have collaborated with the guys on Github and they are top notch.

geraldroy 2024年12月11日

Happy with this plugin.

WP-Dummie 2024年11月26日

Seit ich das Plugin kenne, nutze ich auch endlich Zwei-Faktor-Authentifizierung. Nur einen Ort für die gedruckten Notfallisten muss ich noch finden … 😚 (*flööt*)