When my smartphone crashed in January 2019, I quickly discovered the issues involved with having a two-factor authentication method that only sent info to an app on my smartphone.
Since my phone wasn’t working, I couldn’t access many accounts as well as WordPress websites where I depended on authentication from a mobile app.
Luckily I had access to web host accounts where I could disable the two-factor authentication plugin.
It was frustrating and time-consuming to work through all the changes.
After I replaced my smartphone, I searched for alternative two-factor or multi-factor authentication options that didn’t rely on a mobile app authentication.
- Easy to use and configure
- Multiple options for authentication
- Primary and secondary authentication options
- Security key authentication option
- Backup codes
- Users can choose which authentication method to use
I reviewed about a dozen options before I discovered the plugin that fit my requirements.
For anyone looking for an easy-to-use customizable two-factor or multi-factor plugin to protect their WordPress website, the Two-Factor plugin is an option to consider.
The Two Factor plugin offers:
- Email codes
- Time Based One-Time Passwords (TOTP) using Google Authenticator
- FIDO Universal 2nd Factor (U2F)
- 10 Backup Codes for each user account
- Dummy Method (available for testing purposes)
The plugin is free and has a five-star rating in the WordPress plugin repository.
As of November 18, 2019, the plugin has been translated into 16 languages.
Why I Like It
It’s been 11 months since I started using Two-Factor for authentication on WordPress sites and it’s effortless to use. That’s the kind of plugin I love!
I want quick access to my site and the client WordPress sites I create and manage.
Since Two-Factor is customizable for individual users (under their profile), each user can choose which method they want to use for authentication.
The ability to set up a primary and secondary method for authentication is helpful when your first authentication method isn’t working.
In addition, generating the one-time backup codes is quick and easy.
The plugin generates 10 backup codes at a time. Reminder: store them in a safe place.
How the Plugin Works
Once you’ve installed Two-Factor, you’ll find a new Two-Factor Options section added to your User Profile in the Dashboard under Users > Your Profile.
Select which options you want to enable, and choose which of the options will be your primary authentication method.
If you choose to use a Security Key, you’ll need to register your keys.
Be certain to pay attention to which methods you mark Enabled and Primary. Select Update Profile to save your choices.
The Two-Factor plugin is one of my go-to plugins for WordPress sites. I like that it’s not dependent on a mobile app and that it provides users choices as to what authentication method they want to use.
Easy-to-configure, regularly updated, and maintained by several developers who regularly contribute to core WordPress puts my mind at ease.
Have you used the Two-Factor plugin? If yes, share your experience and tell me what you like best about the plugin in the comments.