描述

前往 [使用者]→[個人資料] 中的 [兩步驟驗證選項]，便能為網站帳號啟用及設定一或多個兩步驟驗證方式：

透過電子郵件傳送驗證碼
TOTP 驗證碼 (Time Based One-Time Passwords，以時間為基礎、最通用的演算法)
FIDO U2F 安全金鑰 (Universal 2nd Factor，通用第二因素)
備用驗證碼
測試模式 (僅供測試目的使用)

如需進一步瞭解這個外掛的開發沿革，請參閱這篇文章。

Actions & Filters

Here is a list of action and filter hooks provided by the plugin:

two_factor_providers filter overrides the available two-factor providers such as email and time-based one-time passwords. Array values are PHP classnames of the two-factor providers.
two_factor_enabled_providers_for_user filter overrides the list of two-factor providers enabled for a user. First argument is an array of enabled provider classnames as values, the second argument is the user ID.
two_factor_user_authenticated action which receives the logged in WP_User object as the first argument for determining the logged in user right after the authentication workflow.
two_factor_token_ttl filter overrides the time interval in seconds that an email token is considered after generation. Accepts the time in seconds as the first argument and the ID of the WP_User object being authenticated.

參與其中

Development happens on GitHub. Join the #core-passwords channel on WordPress Slack (sign up here).

以下是如何開始：

$ git clone https://github.com/wordpress/two-factor.git
$ npm install

然後打開拉取請求提供你建議的變更。

螢幕截圖

[個人資料] 頁面中的 [兩步驟驗證選項]
[個人資料] 頁面中的 U2F 安全金鑰設定
Email Code Authentication during WordPress Login.

評價

thomassteavens 2022年7月4日

Easy to use. Allow multiple devices. Free. Excellent! Allowing only a 4-digit password on mobile devices is pretty outdated; probably needs to be updated.

vy name 2022年6月10日

I surely want to acknowledge my gratitude to this plugin's authors. Their work is to be measured by the effect it has on protecting WP sites and how effortlessly it works. Fricton-free and effective. Just great!

carnalpl 2022年5月1日

U2F key cannot be added.

clpjas 2022年3月8日

I really hate giving this one-star but the plugin is out of date and broken. This plugin was suggested to me back when I was looking for 2FA methods. It looked promising and worked great, but features are broken, it's fallen behind in supporting the latest versions of WordPress, and has not been updated in half a year. It's a real shame because I've not found a 2FA plugin that can match this plugin...

WPSpeedo 2022年3月7日

The plugin is good, it works fine with the membership plugin.

Devyn Brugge 2021年12月1日

Really lightweight plugin, it seemed safe to implement and worked for day until admins reported issues. However, my case seems to be a conflict with Toolset Access and I am now having an impossible time trying to remove from my site. Even though I have deactivated, the combination of both these plugins seems to have corrupted the user access table. When an admin accesses the login page, we get a message "You don’t have permission to access this page." Sometimes, changing browsers/VPNs fixes it temporarily. There is no way to remove the plugin settings with uninstall.

閱讀全部152個評價