WordPress 2-Factor Authentication (2FA)

Add an additional layer of security to WordPress users accounts by requiring more than just a password (OTP codes) to log in.

Improved WordPress Security

When you add Two-Factor Authentication to your WordPress site, users will need to enter their username and password like normal and then a time-based one-time code (TOTP password) from their authenticator application such as e.g Google Authenticator, Authy, Microsoft Authenticator, 1Password, LastPass, Okta Verify, Duo Security.

Setup from My Account Page

If the Two-Factor authentication addon is enabled, the setup section is added to the My Account page where WordPress registered users can configure 2FA for their accounts.

Want to set up a custom user 2FA configuration page, use the shortcode [profilepress-2fa-setup].

Setup from Profile Page

Your WordPress site users can also configure Two Factor Authentication for their account through the user profile page in the WP admin dashboard.

Recovery Codes Generation

Users can generate backup or recovery codes that they can use as authentication code to regain access to their account if they are locked out.

Disable 2FA for Locked Out Users

If a user gets locked out of their account perhaps because they lost their phone or mistakenly deleted their authenticator application, admins can disable 2FA for them from the user edit screen in the dashboard.

Easy to Setup

You can select the user roles that can set up Two-Factor Authentication for their accounts, enforce 2FA on users of select roles and customize the message shown to users that haven’t configured Two Factor.

Get ProfilePress with all Addons Today!​