Download

Google Authenticator – WordPress Two Factor Authentication (2FA)

By miniOrange

Description

Note: The miniOrange 2-factor authentication plugin for WordPress is GDPR Compliant now

Secure your WordPress login with an additional layer of security from us! The setup takes minutes, yet protects your site forever.
This plugin provides two factor authentication (TFA) during login. If you are looking for OTP Verification of users during Registration then we have a separate plugin for this. Click Here to learn more.

Free Plugin Features

  • Two Factor Authentication (2FA) for 1 User forever
  • Available Authentication Methods: Google Authenticator, QR Code, Push Notification, Soft Token and Security Questions(KBA)
  • Language Translation Support
  • Two Factor Authentication (2FA) allows authentication on login page itself for Google Authenticator & miniOrange Soft Token.

Standard Plugin Features

  • Two Factor Authentication (2FA) for Users as per the upgrade ( User-based pricing )
  • Available Authentication Methods: Google Authenticator, QR Code, Push Notification, Soft Token, Security Questions(KBA), Authy Authenticator, OTP Over Email, OTP Over SMS, OTP Over SMS and Email, Email Verification. ( SMS and Email credits need to be purchased as per the need)
  • Language Translation Support
  • Multiple Login Options: Username + password + two-factor (or) Username + two-factor
  • Backup Method: KBA(Security Questions)
  • Multi-Site Support
  • User role based redirection after Login, Custom Security Questions (KBA), Customize account name in Google Authenticator app

Premium Plugin Features

  • Two Factor Authentication (2FA) for Users as per the upgrade ( User-based pricing )
  • Available Authentication Methods: Google Authenticator, QR Code, Push Notification, Soft Token, Security Questions(KBA), Authy Authenticator, OTP Over Email, OTP Over SMS, OTP Over SMS and Email, Email Verification, Hardware Token. ( SMS and Email credits need to be purchased as per the need)
  • Language Translation Support
  • Multiple Login Options: Username + password + two-factor (or) Username + two-factor
  • Backup Methods: KBA(Security Questions), OTP Over Email, Backup Codes
  • Multi-Site Support
  • Email notification to users asking them to set up Two Factor Authentication (2FA).
  • User role based redirection after Login, Custom Security Questions (KBA), Customize account name in Google Authenticator app.
  • Enable Two Factor Authentication (2FA) for specific Users/User Roles
  • Choose specific authentication methods for Users
  • App Specific Password to login from mobile Apps
  • Add-Ons Included: RBA & Trusted Devices Management Add-on, Personalization Add-on and Short Codes Add-on

Add Ons [Free and Standard Plans, Inclusive in the Premium Plan]

  • RBA & Trusted Devices Management Add-on Features
    • Remember Device
    • Set Device Limit for the users to login
    • IP Restriction: Limit users to login from specific IPs
  • Personalization Add-on Features
    • Custom UI of Two Factor Authentication (2FA) popups
    • Custom Email and SMS Templates
    • Customize ‘powered by’ Logo
    • Customize Plugin Icon
    • Customize Plugin Name
    • Add Recaptcha on Login Page
  • Short Codes Add-on Features
    • Option to turn on/off 2-factor by user
    • Option to configure the Google Authenticator and Security Questions by user
    • Option to ‘Enable Remember Device’ from a custom login form
    • On-Demand ShortCodes for specific functionalities ( like for enabling 2FA for specific pages)

Apps Supported by the plugin:

  • miniOrange Authenticator App.
  • Google Authenticator App.
  • Authy 2-Factor Authentication App [STANDARD / PREMIUM FEATURE]

Customized solutions and Active support is available. Email us at info@miniorange.com or call us at +1 9786589387.

Screenshots

  • Setup different 2-Factor methods.
  • Enable or Disable 2-factor for Users.
  • 2 Factor Authentication prompt during Login.

Installation

From your WordPress dashboard

  1. Navigate to Plugins > Add New from your WP Admin dashboard.
  2. Search for miniOrange 2 Factor Authentication.
  3. Install miniOrange 2 Factor Authentication and Activate the plugin.

From WordPress.org

  1. Search for miniOrange 2 Factor Authentication and download it.
  2. Unzip and upload the miniorange-2-factor-authentication directory to your /wp-content/plugins/ directory.
  3. Activate miniOrange 2 Factor Authentication from the Plugins tab of your admin dashboard.

Once Activated

  1. Select miniOrange 2-Factor from the left menu and follow the instructions.
  2. Once, you complete your setup. Click on Log Out button.
  3. Enter the username and password. After the initial validation, you will be prompted for the 2-factor method you had set up.
  4. Validate yourself with the 2-factor authentication method you configured.

FAQ

Installation Instructions

From your WordPress dashboard

  1. Navigate to Plugins > Add New from your WP Admin dashboard.
  2. Search for miniOrange 2 Factor Authentication.
  3. Install miniOrange 2 Factor Authentication and Activate the plugin.

From WordPress.org

  1. Search for miniOrange 2 Factor Authentication and download it.
  2. Unzip and upload the miniorange-2-factor-authentication directory to your /wp-content/plugins/ directory.
  3. Activate miniOrange 2 Factor Authentication from the Plugins tab of your admin dashboard.

Once Activated

  1. Select miniOrange 2-Factor from the left menu and follow the instructions.
  2. Once, you complete your setup. Click on Log Out button.
  3. Enter the username and password. After the initial validation, you will be prompted for the 2-factor method you had set up.
  4. Validate yourself with the 2-factor authentication method you configured.
How do I gain access to my website if I get locked out?

You can obtain access to your website by one of the below options:

  1. If you have an additional administrator account whose Two Factor is not enabled yet, you can login with it.
  2. If you had setup KBA questions earlier, you can use them as an alternate method to login to your website.
  3. Rename the plugin from FTP – this disables the Two-Factor (2FA) plugin and you will be able to login with your WordPress username and password.
  4. Go to WordPress Database. Select wp_options, search for mo2f_activate_plugin key and update its value to 0. Two Factor will get disabled.
I want to enable Two-Factor Authentication (2FA) role wise ?

You can select the roles under Login Settings tab to enable the plugin role wise. [PREMIUM FEATURE]

I have enabled Two-Factor Authentication (2FA) for all users, what happens if an end user tries to login but has not yet registered ?

If a user has not setup Two-Factor yet, user has to register by inline registration that will be invoked during the login.

I want to enable only one authentication method for my users. What shloud I do?

You can select the authentication methods under Login Settings tab. The selected authentication methods will be shown to the user during inline registration. [PREMIUM FEATURE]

I am getting the fatal error of call to undefined function json_last_error(). What should I do?

Please check your php version. The plugin is supported in php version 5.3.0 or above. You need to upgrade your php version to 5.3.0 or above to use the plugin.

I did not recieve OTP while trying to register with miniOrange. What should I do?

The OTP is sent to your email address with which you have registered with miniOrange. If you can’t see the email from miniOrange in your mails, please make sure to check your SPAM folder. If you don’t see an email even in SPAM folder, please submit a query in our Support Section in the plugin or you can contact us at info@miniorange.com.

I want to configure 2nd factor by Google Authenticator.

Select the radio button next to Google Authenticator/Authy App and select the phone type and then scan the QR Code by Google Authenticator App. Enter the 6 digit code in the textbox and click on Save and verify buuton.

I want to configure 2nd factor by Authy 2-Factor Authentication App.

Select the radio button next to Google Authenticator/Authy App and select the phone type and then scan the QR Code by Authy 2-Factor Authentication App. Enter the 6 digit code from the Authy App into the textbox available and click on Save and Verifiy button.

I forgot the password of my miniOrange account. How can I reset it?

There are two cases according to the page you see –
1. Login with miniOrange screen: You should click on forgot password link. You will get a new password on your email address with which you have registered with miniOrange . Now you can login with the new password.

  1. Register with miniOrange screen: Enter your email ID and any random password in password and confirm password input box. This will redirect you to Login with miniOrange screen. Now follow first step.
I have a custom / front-end login page on my site and I want the look and feel to remain the same when I add 2 factor ?

If you have a custom login form other than wp-login.php then we will provide you the shortcode. Shortcode will work only for the customized login page created from wordpress plugins. We are not claiming that it will work with all the customized login page. In such case, custom work is needed to integrate two factor with your customized login page. You can submit a query in our Support Section in the plugin or you can contact us at info@miniorange.com for more details.

I have Woocommerce theme login page on my site. How can I enable Two Factor ?

If you have Woocommerce theme login then go to Advanced Options Tab and check Enable Two-Factor for Woocommerce Front End Login. If you need any help setting up 2-Factor for your Woocommerce theme login form, please submit a query in our Support Section in the plugin or you can contact us at info@miniorange.com.

I have installed plugins which limit the login attempts like Limit Login Attempt, Loginizer, Wordfence etc. Is there any incompatibilities with these kind of plugins?

The limit login attempt kind of plugins limit the number of login attempts and block the IP temporarily. So if you are using 2 factor along with these kind of plugins then you should increase the login attempts (minimum 5) so that you dont get locked out yourself.

If you are using any Security Plugin in WordPress like Simple Security Firewall, All in One WP Security Plugin and you are not able to login with Two-Factor.

Our Two-Factor plugin is compatible with most of the security plugins, but if it is not working for you. Please submit a query in our Support Section in the plugin or you can contact us at info@miniorange.com.

If you are using any render blocking javascript and css plugin like Async JS and CSS Plugin and you are not able to login with Two-Factor or your screen got blank.

If you are using Async JS and CSS Plugin. Please go to its settings and add jquery in the list of exceptions and save settings. It will work. If you are still not able to get it right, Please submit a query in our Support Section in the plugin or you can contact us at info@miniorange.com.

My users have different types of phones. What phones are supported?

We support all types of phones. Smart Phones, Basic Phones, Landlines, etc. Go to Setup Two-Factor Tab and select Two-Factor method of your choice from a range of 8 different options.

What if a user does not have a smart phone?

You can select OTP over SMS, Phone Call Verification or Email Verification as your Two-Factor method. All these methods are supported on basic phones.

What if a user does not have any phone?

You can select Email Verification or Security Questions (KBA) as your Two-Factor method.

What if I am trying to login from my phone ?

If your Security Questions (KBA) are configured then you will be asked to answer them when you are logging in from your phone.

I want to hide default login form and just want to show login with phone?

You should go to Login Settings Tab and check Login with Phone Only checkbox to hide the default login form.

My phone has no internet connectivity and configured 2nd factor with miniOrange App, how can I login?

You can login using our alternate login method. Please follow below steps to login:

  • Enter your username and click on login with your phone.
  • Click on Phone is Offline? button below QR Code.
  • You will see a textbox to enter one time passcode.
  • Open miniOrange Authenticator App and Go to Soft Token Tab.
  • Enter the one time passcode shown in miniOrange Authenticator App in textbox, just like Google authenticator.
  • Click on submit button to validate the otp.
  • Once you are authenticated, you will be logged in.
My phone is lost, stolen or discharged. How can I login?

You can login using our alternate login method. Click on the Forgot Phone link and you will get 2 alternate methods to login. Select “Send a one time passcode to my registered email” to authenticate by OTP over EMAIL or Select “Answer your Security Questions (KBA)” to authenticate by knowledge based authenticaion.

My phone has no internet connectivity and i am entering the one time passcode from miniOrange Authenticator App, it says Invalid OTP?

Click on the Settings Icon on top right corner in miniOrange Authenticator App and then press Sync button under ‘Time correction for codes’ to sync your time with miniOrange Servers. If you still can’t logged in then please email us at info@miniorange.com or Contact us.Soft Token method is just like google authenticator method.

I want to go back to default login with password?

You should go to Login Settings Tab and uncheck Enable Two-Factor plugin checkbox. This will disable 2-Factor and you can login using wordpress default login.

I am upgrading my phone.

You should go to Setup Two Factor Tab and click on Reconfigure to reconfigure 2-Factor with your new phone.

What If I want to use any other second factor like OTP Over SMS, Security Questions, Device Id, etc ?

miniOrange authentication service has 15+ authentication methods.One time passcodes (OTP) over SMS, OTP over Email, OTP over SMS and Email, Out of Band SMS, Out of Band Email, Soft Token, Push Notification, USB based Hardware token (yubico), Security Questions, Mobile Authentication (QR Code Authentication), Voice Authentication (Biometrics), Phone Verification, Device Identification, Location, Time of Access User Behavior. To know more about authentication methods, please visit https://miniorange.com/strong_auth . If you want to have any other 2-factor for your WordPress site, please email us at info@miniorange.com or Contact us.

Reviews

easy

easy to install and to use, everything is great.

Perfect

Installation worked smooth and intuitive, the plug-in works as describes.For me it’s the perfect toll for my sites !

Excellent Plugin

This is just what I needed. The support team was also fast and kind, when I needed a custom feature. Highly recommended!

Very good plugin

Works perfectly put of the box with no hassle whatsoever. I definitely recommend this for everyone!

Read all 160 reviews

Contributors & Developers

“Google Authenticator – WordPress Two Factor Authentication (2FA)” is open source software. The following people have contributed to this plugin.

Contributors

Translate “Google Authenticator – WordPress Two Factor Authentication (2FA)” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

5.1.1

  • Google Authenticator-Two Factor Authentication (2FA) : Minor changes.

5.1.0

  • Google Authenticator-Two Factor Authentication (2FA) : Added new user plans.

5.0.17

  • Google Authenticator-Two Factor Authentication (2FA) : Minor Bug fix.

5.0.16

  • Google Authenticator-Two Factor Authentication (2FA) : Bug fixes.

5.0.15

  • Google Authenticator-Two Factor Authentication (2FA) : Added Google Authenticator option in the WP login page itself.

5.0.14

  • Google Authenticator-Two Factor Authentication (2FA) : Bug Fixs.

5.0.13

  • Google Authenticator-Two Factor Authentication (2FA) : Bug Fix and code optimization.

5.0.12

  • Google Authenticator-Two Factor Authentication (2FA) : Added GDPR Compliance.

5.0.11

  • Google Authenticator-Two Factor Authentication (2FA) : Readme Update.

5.0.10

  • Google Authenticator-Two Factor Authentication (2FA) : Added Proxy Setup feature.

5.0.9

  • Google Authenticator-Two Factor Authentication (2FA) : Bug Fix for “The loopback request to your site failed.” error.

5.0.8

  • Google Authenticator-Two Factor Authentication (2FA) : Changes for 2FA Free plugin for 1 user forever.

5.0.7

  • Google Authenticator-Two Factor Authentication (2FA) : Bug Fix for User Registration and other plugin conflicts in Dashboard.

5.0.6

  • Google Authenticator-Two Factor Authentication (2FA) : Bug Fix for existing customers who upgraded from 4.5.x version to versions between 5.0.0 and 5.0.4 and are facing issues with the Account Setup Tab.

5.0.5

  • Google Authenticator-Two Factor Authentication (2FA) : Bug fix for user entry during plugin update.

5.0.4

  • Google Authenticator-Two Factor Authentication (2FA) : Workaround for errors during sending of OTP during registration.

5.0.3

  • Google Authenticator-Two Factor Authentication (2FA) : Minor fix for removing warings.

5.0.2

  • Google Authenticator-Two Factor Authentication (2FA) : Bug fix.

5.0.1

  • Google Authenticator-Two Factor Authentication (2FA) : Bug fix.

5.0.0

  • Google Authenticator-Two Factor Authentication (2FA) : New UI Interface, 2-factor authentication for Unlimited Users.
  • This is a major release.

4.6.2

  • Google Authenticator-Two Factor Authentication (2FA) : Plugin registration fixes and minor warning fixes.

4.6.1

  • Google Authenticator-Two Factor Authentication (2FA) : Login error fix. Please skip version 4.5.9 and update to version 4.6.1

4.5.9

  • Google Authenticator-Two Factor Authentication (2FA) : Bug fixes for customers who were getting redirected to the login page after the two factor authentication.

4.5.8

  • Google Authenticator-Two Factor Authentication (2FA) : Tested upto 4.9.4 and Removed External links.

4.5.7

  • Google Authenticator-Two Factor Authentication (2FA) : Minor bug fixes.

4.5.6

  • Google Authenticator-Two Factor Authentication (2FA) : Tested upto WordPress 4.9.

4.5.5

  • Google Authenticator-Two Factor Authentication (2FA) : 404 bug fixes.

4.5.4

  • Google Authenticator-Two Factor Authentication (2FA) : Better UI of Login Pages, Fixed Redirection issue. Fixed the error in the last version (4.5.3) for the customers who were getting undefined action error.

4.5.3

  • Google Authenticator-Two Factor Authentication (2FA) : Changed UI of the Login Pages, Redirect to Login Page bug fixes.

4.5.2

  • Google Authenticator-Two Factor Authentication (2FA) : Readme Update: Description Update

4.5.1

  • Google Authenticator-Two Factor Authentication (2FA) : Updated the new Authenticator App’s link and the ‘How to Setup Tab’ tab.

4.5.0

  • Google Authenticator-Two Factor Authentication (2FA) : Fix Google Authenticator configuration issue.

4.4.9

  • Google Authenticator-Two Factor Authentication (2FA) : Added Alert Message for SMS Transactions only when authentication method is OTP over SMS.

4.4.8

  • Google Authenticator-Two Factor Authentication (2FA) : Added Alert Message for SMS Transactions. Fixed Remember Device flow and confliction with themes. Added support for multiple instances of wordpress.

4.4.7

  • Google Authenticator-Two Factor Authentication (2FA) : Updated the error message for 2-factor configuration.

4.4.6

  • Google Authenticator-Two Factor Authentication (2FA) : Instructions for login in case user get locked out.

4.4.5

  • Google Authenticator-Two Factor Authentication (2FA) : Fixed the issue of session variable on the login with username page.

4.4.4

  • Google Authenticator-Two Factor Authentication (2FA) : Added alert messages for OTP over SMS usages.

4.4.3

  • Google Authenticator-Two Factor Authentication (2FA) : Fixed the login flow for third party Apps that supports XML-RPC.

4.4

  • Google Authenticator-Two Factor Authentication (2FA):
  • Compatibility with Limit Login Attempts.
  • New User Interface for login.

4.3.1

  • Google Authenticator-Two Factor Authentication (TFA): Compatible upto 4.7

4.3.0

  • Google Authenticator-Two Factor Authentication (TFA): Updated miniOrange APIs.

4.2.9

  • Google Authenticator-Two Factor Authentication (TFA): Tested upto WordPress 4.6.

4.2.7

  • Google Authenticator-Two Factor Authentication (TFA): Session Warnig fix in the last version for some of the users.

4.2.6

  • Google Authenticator-Two Factor Authentication (TFA): Compatible with wordpress caching.

4.2.5

  • Google Authenticator-Two Factor Authentication (TFA): Improved the session handler.

4.2.4

  • Google Authenticator-Two Factor Authentication (TFA): Updated faq for limit login attempt type of plugins.

4.2.3

  • Google Authenticator-Two Factor Authentication ( 2FA ):
  • Improved Error handling during Account Creation.

4.2.2

  • Google Authenticator-Two Factor Authentication ( 2FA ):
  • Registration Flow fixes

4.2.1

  • Google Authenticator-Two Factor Authentication ( 2FA ):
  • Change of status during login with phone flow and tested with WP 4.5

4.2.0

  • Google Authenticator-Two Factor Authentication ( 2FA ):
  • Mark as tested on WordPress 4.5

4.1.8

  • Google Authenticator-Two Factor Authentication ( 2FA ):
  • Changed the location of images used for demo. Now being loaded from the site having SSL certificate.

4.1.7

  • Google Authenticator-Two Factor Authentication ( 2FA ):
  • Improved Error Handling for Remember Device.

4.1.6

  • Google Authenticator-Two Factor Authentication ( 2FA ):
  • Licensing Plan Updated.

4.1.5

  • Google Authenticator-Two Factor Authentication ( 2FA ):
  • Added Forgot Password functionality for miniOrange customer admin.
  • Added warning message for the users who are using lower version of php.
  • Added functionlity to change the customer email.

4.1.4

  • Google Authenticator-Two Factor Authentication ( 2FA ):
  • Added an option for admin to enable or disable login for XML-RPC supported applications.

4.1.3

  • Google Authenticator-Two Factor Authentication ( 2FA ):
  • Fixed CSS Conflict with the plugins in the admin dashboard.
  • More intuitive UI for woocommerce login.
  • Tested front-end login with themes like wordpress default theme,
    customizr theme,zerif-lite theme,accesspress store theme,ishop theme and many more.

4.1.2

  • Google Authenticator-Two Factor Authentication ( 2FA ): Google Authenticator for Windows phone
  • Fixed CSS conflict with front-end of site if woocommerce is not enabled.

4.1.1

  • Google Authenticator-Two Factor Authentication ( 2FA ): Adding Validation in choosing Security Questions (KBA).

4.1.0

  • Google Authenticator-Two Factor Authentication ( 2FA ): Features added.
    multisite support
    Custom login redirection
    Authy 2-Factor Authentication as separate authentication method

4.0.5

Login into third party apps which support XML-RPC.

4.0.4

Added a check of KBA configuration from mobile login.

4.0.3

Added Support for Authy 2-Factor Authentication App.

4.0.2

Added a check for selection of unique questions during KBA setup.

4.0.1

Bug Fix

4.0

  • Two Factor Authentication ( 2FA ): Features added.
  • KBA as backup method.
  • mobile browser support.
  • more intuitive UI for woocommerce login.

3.8

  • Two Factor Authentication ( 2FA ): Bug Fix.

3.7

  • Two Factor Authentication ( 2FA ): Activation of two factor role wise.

3.6

  • Two Factor Authentication ( 2FA ): email verification in inline registration flow for all users.
    More descriptive setup messages and UI changes.

3.5

  • Two Factor Authentication ( 2FA ): Provided mobile login support.

3.4

  • Two Factor Authentication ( 2FA ): Features added
  • Inline registration flow for users.
  • Security Questions (KBA) as additional method
  • Alternate way of user identification in customer creation.
  • premium customizable features.

3.3

  • Two Factor Authentication ( 2FA ): Fix the issue of session for some versions of php.

3.2

  • Two Factor Authentication ( 2FA ): Fix for device-id compatibility.

3.1

  • Two Factor Authentication ( 2FA ): Fix for 2FA ShortCode.

3.0

  • Two Factor Authentication ( 2FA ): Features added
  • Google Authenticator.
  • Device Id (Remember device).
  • Choice given to admin to enable specific authentication methods for users.
  • Two Factor support for woocommerce theme.
  • Short Code for various customized frontend login.
  • More intuitive UI and descriptive instructions.

2.6

  • Two Factor Authentication ( 2FA ): Fix the compatibility issues of user session with other security plugins.

2.5

  • Two Factor Authentication ( 2FA ): Fix the compatibility issues with All In One WP Security & Firewall plugin.

2.4

  • Two Factor Authentication ( 2FA ): UI fixes for admin media library dashboard.

2.3

  • Two Factor Authentication ( 2FA ): More descriptive setup messages, more intuitive UI.

2.2

  • Two Factor Authentication ( 2FA ): Fixed css issues for existing users

2.1

  • Two Factor Authentication ( 2FA ): Added support for multiple Two Factor Choices like OTP Over SMS, Phone Call Verification, Push Notification, Soft Token (like Google Authenticator Code), Email Verification, etc.

2.0

  • Two Factor Authentication ( 2FA ): Added login with password plus second factor feature.

1.8

  • Two Factor Authentication ( 2FA ): Added feature of different login form choice,test authentication and help for configuration and setup.

1.7

  • Bug Fixes Two Factor Authentication ( 2FA ): Modifying login screen adaptable to user’s login form

1.6

  • Bug Fixes Two Factor Authentication ( 2FA ): fetching 2 factor configuration when activating the plugin after deactivating it.

1.5

  • Bug Fixes Two Factor Authentication ( 2FA ): Login issues and password save issues resolved

1.4

  • Bug Fixes Two Factor Authentication ( 2FA ): Authentication was not working on some version of php.

1.3

  • Bug Fixes

1.2

  • Two Factor Authentication ( 2FA ): Added 2 factor for all users along with forgot phone functionality.

1.1

  • Two Factor Authentication ( 2FA ): Added email ID verification during registration.

1.0.0

  • First version of Two Factor Authentication ( 2FA ) plugin supported with mobile auhthentication for admin only.

Meta

Ratings

See all

Support

Issues resolved in last two months:

4 out of 5

View support forum

Donate

Would you like to support the advancement of this plugin?

Donate to this plugin