Google Authenticator – WordPress 2FA, OTP SMS and Email

Description

Features | Setup Guide | Documentation | Integrations | Contact Us

### A POWERFUL & FREE TO USE 2FA PLUGIN

Secure your WordPress login by adding a security layer i.e. two-factor authentication (2FA) or two-step authentication.

Install the Two-Factor Authentication (2FA) plugin to protect your website from unauthorized access. Google Authenticator – Two Factor Authentication (2FA) is the most feature-rich and reliable 2FA solution. You can also check out our Two-Factor Authentication landing page to know more. Two-Step Authentication secures your website against various threats like brute force attacks, dictionary attacks, and automated password guessing.

For further information or any inquiries, feel free to reach out to us at 2fasupport@xecurify.com

### KEY FEATURES AND CAPABILITIES

Two-Fator Authentication plugin supports all the TOTP (Time-Based One-Time Password) Authenticator Apps.

TOTP (Time-Based One-Time Password) is a type of two-factor authentication (2FA) mechanism that generates a temporary, unique password based on the current time. It is widely used to enhance security by requiring not only a username and password but also a time-sensitive code that changes every 30 seconds (usually).

Below are TOTP (Time-Based One-Time Password) Authenticator apps of Two-factor authentication provided by our plugin:

Check out the following video to configure Google authenticator as your 2FA method:

Two Factor Authenticator – WordPress 2FA (WP 2FA) plugin provides multiple 2FA methods to setup two-step authentication. One of the popular being Google Authenticator.
Our setup wizard guides you through the setup process. It makes the WordPress 2FA (WP 2FA) plugin setup so easy that a person with no technical knowledge can configure 2FA in no time and setup any two-step authentication method of your choice.

User Identity Verification with the Two Factor Authentication (2FA) or WordPress 2FA (WP 2FA) plugin

2FA on Login and Registration: Verify users on login with different TOTP login methods & other 2FA/OTP login methods like OTP login using SMS, OTP login using Email, OTP over Telegram, Google Authenticator, Email Verification, Authy Authenticator, Duo Authenticator, Microsoft Authenticator and many others. Two-factor authentication on registration can be done via either of the OTP login methods (OTP authentication using Email or via OTP authentication using SMS).

Plugin Integrations and Support for all two-factor authentication (2FA) or two-step authentication methods

Two Factor Authentication – WordPress 2FA plugin is compatible with popular plugins such as:-

Third-Party Custom SMS Gateway for OTP Over SMS – OTP Login via SMS

The premium Two Factor Authentication – WordPress 2FA (WP 2FA) plugin support any third-party SMS Gateway for OTP login via SMS method. If you don’t have your SMS gateway you can use the miniOrange gateway and send SMS in OTP Over SMS authentication.
Famous SMS gateways supported by Two Factor Authentication – WordPress 2FA plugin.
Test your gateway

Why do you need to register with miniOrange in the Two Factor Authentication plugin or miniOrange Google Authenticator?

Two Factor Authentication or WordPress 2FA (WP 2FA) plugin uses miniOrange APIs to communicate between your WP site and miniOrange IDP. To keep this communication secure, we ask you to register and assign API keys specific to your account. This way your account and users’ calls can be accessed only by API keys assigned to you.

However, you can use most of the 2FA methods without registration. You must register yourself to use the OTP Over SMS or OTP login via SMS method.

Useful blog posts about two-factor authentication or WordPress 2FA plugin

Screenshots

  • Google Authenticator (WP 2FA/OTP) – Setup Twofa For Me
    1. Google Authenticator (WP 2FA/OTP) – Google Authenticator Setup
  • Google Authenticator (WP 2FA/OTP) – Setup and Test Google Authentication
  • Google Authenticator (WP 2FA/OTP) – 2FA Login Settings
  • Google Authenticator (WP 2FA/OTP) – Setup and Test OTP Over SMS
  • Google Authenticator (WP 2FA/OTP) – Custom Email Templates
  • Google Authenticator (WP 2FA/OTP) – Reset Users’ 2FA
  • Google Authenticator (WP 2FA/OTP) – miniOrange User Account Details

Installation

From your WordPress dashboard

  1. Navigate to Plugins > Add New from your WP Admin dashboard.
  2. Search for miniOrange 2 Factor Authentication - 2FAor Google Authenticator.
  3. Install miniOrange 2 Factor Authentication - 2FA and activate the plugin.

From WordPress.org

  1. Search for miniOrange 2 Factor Authentication - 2FA and download it.
  2. Unzip and upload the miniorange-2-factor-authentication - 2FA directory to your /wp-content/plugins/ directory.
  3. Activate miniOrange 2 Factor Authentication – 2FA from the Plugins tab of your admin dashboard.

    Video Guide :

FAQ

How do I gain access to my website if I get locked out using the Google Authenticator – 2FA plugin?

You can obtain access to your website by one of the below options:

  1. If you have an additional administrator account whose Two-Factor or 2FA is not enabled yet, you can log in with it.
  2. If you had set up KBA questions as 2FA earlier, you can use them as an alternate method to log in to your website instead of the configured 2FA method.
  3. Rename the plugin from FTP – this disables the Two Factor Authentication – WordPress 2FA (WP 2FA) plugin and you will be able to log in without 2FA.

    For detailed information, please check on our website. Locked Out.
    You can also check our video tutorial:

How do I enable Google Authenticator 2 Factor Authentication – 2FA as the backup method?

You can use Google Authenticator as the backup method for your users by enabling the “Login with any configured 2FA method” or “Multi-factor Authentication” in the miniOrange two-factor authentication – 2FA plugin settings. [PREMIUM FEATURE]

I have enabled Two Factor Authentication (2FA) or Two-step Authentication for all users, what happens if an end-user tries to log in but has not yet registered?

If a user has not set up Two Factor yet, the user will be prompted for 2FA registration on the first login.

How can I enable only one authentication method for my users?

You can select the specific two-factor authentication(2FA) or two-step authentication methods under the Login Settings tab. Only the selected authentication methods will be shown to the user during inline registration for example if you select Google Authenticator or any specific 2FA methods, only they will be shown on login. [PREMIUM FEATURE]

How can I make the look and feel of custom/front-end login page on my site to remain the same when I add 2-factor authentication?

If you have a custom login form other than wp-login.php then you can configure 2FA on your login form from the Login Form settings in the miniOrange Two Factor Authentication(2FA) plugin dashboard. We are not claiming that it will work with all the custom login pages. In such a case, custom work is needed to integrate two-factor with your customized login page. You can submit a query in our Support Section in the plugin or you can contact us at info@xecurify.com for more details.

What should I do if I face any issues while logging in with the minniOrange Two Factor Authentication plugin or if there is a conflict with any other plugin?

Our Two Factor Authentication plugin is compatible with most popular plugins, but if it is not working for you, please submit a query in our Support Section in the plugin or contact us at info@xecurify.com.

I am using a render-blocking javascript and CSS plugin – Async JS and CSS Plugin and I am not able to log in with Two-Factor and the screen goes blank. What should I do?

If you are using Async JS and CSS Plugin. Please go to its settings add jQuery to the list of exceptions and save settings. It will work. If you are still not able to get it right, Please submit a query in our Support Section in the plugin or you can contact us at info@xecurify.com.

I am upgrading my phone. What should I do to shift 2FA to my new phone?

You should go to 2FA For Me Tab and click on Reconfigure to reconfigure 2 Factor with your new phone.

Reviews

October 8, 2024
I lost access to my site due to MiniOrange and a conflict with another plugin. The support team was quick to respond and solve my issue. Thank you!
August 30, 2024
I recently started using miniOrange’s Google Authenticator – WordPress Two Factor Authentication plugin. Initially, my expectations for support response time were low, but I was pleasantly surprised. The response time was quick, and the expertise provided far exceeded my expectations. Their support team was incredibly helpful and efficient. I recommend this plugin for anyone looking for a reliable 2FA solution. The combination of a robust product and outstanding support makes it a top choice.
August 20, 2024
This is an excellent solution to setup 2FA. We have it working on a site using Google Authenticator app. The support has been excellent too. Keep up the great work!
August 5, 2024
I received excellent and patient help from Vikas today. The google session worked seamlessly and my log in issues were resolved. Thank you.
Read all 368 reviews

Contributors & Developers

“Google Authenticator – WordPress 2FA, OTP SMS and Email” is open source software. The following people have contributed to this plugin.

Contributors

Changelog

6.0.5

  • Updated Button CSS
  • Updated Custom Logo Branding on 2FA Popup Settings UI
  • General CSS Improvements
  • 2FA Pricing Page Removed

6.0.4

  • Improvement – Updated Login Transaction Report UX
  • 2FA Pricing Plan updates

6.0.3

  • Bug Fixes – Google Authentication CSS-JS loading issue in login

6.0.2

  • Setup Wizard flow changes.
  • Bug Fix in Setup Wizard flow.

6.0.1

  • Bug fixes for UI/UX plugin release

6.0.0

  • Updated UI/UX of the plugin dashboard
  • Added configuration for customizations of all email notifications White Labelling > Email Templates
  • Added 2FA reconfiguration link over email as a backup method
  • Added Cusotm Redirect URL after login feature
  • Extended grace period functionality
  • Removed miniOrange Authenticator 2FA method
  • Removed DUO Authenticator 2FA method
  • Shifted Google Authenticator Custom App name to White Labelling > 2FA Customizations

5.8.4

  • Updated jquery jquery.dataTables.min.js version to the latest version
  • Bug fixes- Getting error on user account creation on WooCommerce

5.8.3

  • Compatibility with WordPress 6.5
  • Fixed redirection issue on activation with WordPress 6.5
  • Changed refund Policy link
  • Updated miniOrange portal links

5.8.2

  • Bug Fix- Log out the users when the grace period is enabled
  • Improvement- Added SMTP checks for email verification authentication
  • Improvement- Updated UX for Email Verification method
  • Fixed- Warnings in the error logs

5.8.1

  • Bug Fix- Show backup codes to users after configuring Email Verification
  • Updated UI for Google Authenticator user configuration screens
  • Updated UI of Setup Wizard

5.8

  • Bug fix- 2FA method was getting updated when updating a user on the user-edit page
  • Updated UI for OTP over SMS, OTP over Email and OTP over Telegram configuration screens
  • Added Email Verification authentication method

5.7.5

  • Compatibility with WordPress 6.4

5.7.4

  • Bug fix- Keep end users’ 2FA configuration when the plugin is deactivated
  • Bug fix- Attempts left for the OTP-based methods
  • Bug fix- Display App Key for Google authenticator in 2FA inline registration

5.7.3

  • Bug fixes for registration forms
  • Compatibility with WordPress 6.3

5.7.2

  • Updated flow of 2FA on registration form
  • Minor bug fixes

5.7.1

  • Bug fix – Users will be able to configure/reconfigure and reset cloud methods
  • Bug fix – SMS Transactions will be credited when customers register in the plugin
  • Bug fix – Fixed Email Transaction sync issue
  • Added Resend OTP Button in case of OTP Over SMS, OTP over Telegram, OTP over Email methods
  • Improvement – Enforced reconfiguration of the alternate method after login with backup code
  • Feature Improvement – The 2FA prompt will be visible in case of TOTP method has not been set for the admin
  • Updated plugin dashboard UI – Added My Account tab for miniOrange User Account

5.7.0

  • Code Improvements according to WPCS
  • Feature Improvement – Added role-based checks for login through new IP
  • Improvement – Error handling for account creation

5.6.6

  • Google Authenticator – Two-factor Authentication – 2FA, OTP :
  • Bug fix – redirection issue for users in a Multisite environment
  • Improvements – Removed External links from Google Authenticator
  • Improvements – Mobile responsiveness of setup wizard
  • Improvement for SMS/Email verification on the PaidMembership Proform
  • Updated Pricing plan according to new use cases
  • Updated Add SMS notification/button check
  • Updated feedback form
  • Advertised OTP over WhatsApp

5.6.5

  • Google Authenticator – Two-factor Authentication – 2FA, OTP :
  • Bug fix – Save template for notifications on email
  • Bug fix – Error in SMS authentication setup through plugin dashboard
  • Updated Network Security removal notice message

5.6.4

  • Google Authenticator – Two-factor Authentication – 2FA, OTP :
  • Bug fix – headers already sent in messages.php

5.6.3

  • Google Authenticator – Two-factor Authentication – 2FA, OTP :
  • Skip-2 factor option removed from the inline setup
  • Backup code button will always be shown
  • Added login form and theme fields in the trial request form
  • CSS-JS version added for all scripts and styles respectively
  • Autofocus for many input fields and submit the form when Enter is hit

5.6.2

  • Google Authenticator – Two-factor Authentication – 2FA, OTP :
  • Vulnerability fixes
  • Removed Network Security for new users
  • Updated Pricing page UI

5.6.1

  • Google Authenticator – Two-factor Authentication 2FA, OTP :
  • Bug fix- Headers already sent
  • Added SMTP check for sending backup codes on 2fa prompt

    For older changelog entries, please see the additional changelog.txt file provided with the plugin.