Download

miniOrange's Google Authenticator – WordPress Two Factor Authentication (2FA , Two Factor, OTP SMS and Email) | Passwordless login

By miniOrange

Description

Google Authenticator – Two Factor (WP 2FA/OTP) – Provides secure login to WordPress. This plugin can be configured for any TOTP-based methods like Duo/Microsoft/Google Authenticator. It supports OTP-based 2fa methods.

You can check out following video to configure google authenticator as a two factor:

Trial for Google authenticator Premium and Enterprise plugin

We do provide 7 days trial of our Google Authenticator Premium plugins. You can test all Premium features including 2fa methods such as google authenticator, OTP Over SMS/Email.

[Google Authenticator – Two step verification/ 2 Factor Authentication/ WP 2FA] FREE Plugin Features

  • Simplified & easy user interface to set up Google Authenticator and other Two-Factor Authentication ( WP 2FA/TFA/OTP ) methods.
  • 3 Users forever FREE!
  • QR Code authentication, Push Notification, Soft Token and Security Questions(KBA) are supported in the plugin for multi factor authentication(WP 2FA/TFA).
  • Includes Language Translation Support
  • User Profile 2fa: Administrators can set up Two Factor (TFA)of users via WordPress users section
  • Multi Factor Authentication(MFA): This feature can be used to invoke any two factor method on login among multiple methods which were configured. You can configure multiple 2fa methods that can be used as a backup 2fa method
  • Two-Factor Authentication ( TFA/2FA ) for Ajax login forms like User Pro, login with ajax, Theme my login, etc with all authentication methods.
  • Passwordless login and login with phone number
  • Prevent account sharing: Google Authenticator(WP 2FA) restricts users from sharing WordPress login credentials which help to secure WordPress Websites. The Google authenticator plugin also adds a session control feature that limits user sessions based on WordPress User activities.
  • This plugin Supports standard TOTP
  • Two-Factor Authentication (WP 2FA/TFA) allows authentication on the login page itself for Google Authenticator & miniOrange Soft Token
  • Multiple Login Options: Username + password + two-factor (or) Username + two-factor i.e. Passwordless login /Login without password /Password free authentication
  • Recovery codes in case you are locked out for all Two-Factor Authentication (WP 2FA/TFA)
  • Mobile verification – two step verification (WP 2FA/TFA) using a user’s mobile phone with authentication method like google authenticator, QR code authentication, etc.

Additional Features other than the basic Google Authenticator two-factor authentication

  • Complete Web Security suite to protect wordpress from any attacks
  • Web Application Firewall (WAF): WordPress Firewall to protect your site
  • OWASP TOP 10 Protection
  • Login Protection: Spam and Login Protection
  • Malware scanner: Detects any virus, malware and trojan
  • Backup: Taking Encrypted Backup with local storage and cloud storage
  • Limit Login Attempts to stop password guessing
  • Realtime Global IP Blocking
  • Limit Rate of Request: Protecting resources from any security hole exploit
  • Crawler Detection and blocking
  • Blocking IP and Attacks
  • Country Blocking and Browser Blocking
  • Brute Force Attacks prevention to stop password hack
  • Captcha for Bot Detection
  • Google Recaptcha
  • Login Form Protection
  • Registration Form Protection
  • Integration with different plugin – WooCommerce, Buddypress, Ultimate Member and others
  • Reporting
  • Audit Log

Apps Supported by the two-factor authentication (2FA/MFA) plugin

  • Google Authenticator
  • miniOrange Authenticator
  • Duo Authenticator
  • Microsoft Authenticator
  • Authy 2 Factor Authenticator
  • LastPass Authenticator
  • FreeOTP Authenticator

User Identity Verification or multi-factor authentication with Google Authenticator

Login and Registration: Verify users on login with different two factor methods like OTP over SMS, OTP Over Email, OTP Over Telegram, Google Authenticator, SMS Verification, Email, Authy Authenticator, Duo Authenticator, Microsoft Authenticator, TOTP Based Authenticator, Security Questions, and many others.
Users will receive an OTP at the time of registration which will be used to verify their identity. OTP can be received either via OTP Over email or via OTP over SMS.

Plugin Integrations and Support for all methods of two-factor authentication/two step verification ( WP 2FA/TFA/OTP )

Our plugin is integrated with popular Plugins such as WooCommerce and Ultimate member.

Third Party Custom SMS Gateway for OTP Over SMS (two-factor authentication / 2FA )

The premium plugin supports any third-party custom SMS Gateway. If you don’t have your SMS gateway you can use miniOrange gateway and send SMS(OTP over SMS) all over the world.
Here are some famous gateways supported for two factor (WP 2FA/TFA/OTP).
Test your Gateway

Why do you need to register for Google Authenticator?

Google authenticator uses miniOrange APIs to communicate between your WP and miniOrange. To keep this communication secure, we ask you to register and assign API keys specific to your account. This way your account and users’ calls can be only accessed by API keys assigned to you.
Adding to this, you can also use the same account on multiple applications and your users do not have to maintain multiple accounts or WordPress 2FA like Google Authenticator if you are using our cloud solution. Single code generated in Google Authenticator will be enough to log in to all sites. With this, you can also achieve sync of two-factor authentication on multiple sites.

Google Authenticator ( WP 2FA – two-factor authentication ) Premium Lite Plugin Features

Google Authenticator ( WP 2FA/OTP ) Enterprise Plugin Features

  • Google Authenticator – Two-Factor Authentication – 2FA for Users as per the upgrade ( User-based pricing )
  • Available Authentication Methods: Google Authenticator, Authy Authenticator, Microsoft Authenticator, LastPass Authenticator, QR Code, Push Notification, Soft Token, Security Questions(KBA), OTP Over Email, OTP Over SMS, OTP Over SMS and Email, Email Verification, Hardware Token. ( SMS and Email credits need to be purchased as per the need)
  • Multiple Login Options: Username + password + two-factor Authentication (or) Username + two-factor authentication(2FA) i.e. Passwordless login /Login without password /Password free authentication.
  • Backup Methods: KBA(Security Questions), OTP Over Email, Backup Codes
  • Sync 2fa for multiple websites
  • Multisite compatible for all WordPress 2FA methods.
  • Email notification to users asking them to set up Google Authenticator – Two-Factor Authentication (WP 2FA/TFA).
  • User role based redirection after Login, Custom Security Questions (KBA), Customize account name in Google Authenticator app.
  • Enable Two-Factor Authentication (WP 2FA/OTP) for specific Users/User Roles
  • Choose specific two-factor authentication methods for Users
  • Add-Ons Included: RBA & Trusted Devices Management Add-on, Personalization Add-on and Short Codes Add-on
  • Brute force attack prevention, IP Blocking & User login Monitoring
  • File protection & strong password
  • Monitoring current Google Authenticator and other two-factor authentication (2 Factor) method of all the users in the plugin
  • Session restriction

Add Ons for two-factor authentication ( WP 2FA/OTP )

  • RBA & Trusted Devices Management Add-on Features for two-factor authentication ( WP 2FA/OTP )

    • Remember Device to skip the two-factor authentication ( 2 Factor ) from the trusted devices.
    • Set Device Limit for the users to login

  • Personalization Add-on Features to customize your two-factor authentication pages

    • Custom UI of Two-Factor Authentication (WP 2FA/TFA) pop-ups
    • Custom Email and SMS Templates
    • Customize ‘Powered by’ Logo on wp 2fa authentication page
    • Customize Plugin Icon
    • Customize Plugin Name

  • Short Codes Add-on Features for two-factor authentication ( 2FA/MFA )

    • Turn on/off 2 factor (two-factor authentication) by user
    • Reconfigure 2fa methods
    • ‘Enable Remember Device’ from a custom login form to skip 2 factor for trusted devices.
    • On-Demand ShortCodes for specific functionalities ( like for enabling WordPress 2FA (Two-Factor authentication) for specific pages)

  • Device restriction with webauthn/ FIDO2
    Password free authentication is possible with WebAuthn.

Check all the features other than two-factor authentication ( Two step verification ) here: miniOrange Website

Useful blog posts about two-factor authentication ( 2FA/MFA ) plugin

Customized solutions and Active support are available. Email us at info@xecurify.com or call us at +1 9786589387.

Note: The plugin is GDPR Compliant and supports a wide variety of Language Translation

Screenshots

  • Google Authenticator (WP 2FA/OTP) - Setup different 2 Factor methods
  • Google Authenticator (WP 2FA/OTP) - Test 2 factor configured
  • Google Authenticator (WP 2FA/OTP) - 2 Factor Authentication (2FA) methods available
  • Google Authenticator (WP 2FA/OTP) - Google Authenticator login
  • Google Authenticator (WP 2FA/OTP) - QR code 2 Factor (2FA) login
  • Google Authenticator (WP 2FA/OTP) - miniOrange Authenticator login
  • Google Authenticator (WP 2FA/OTP) - Push notification login
  • Google Authenticator (WP 2FA/OTP) - Remember device and personalization add-ons

Installation

From your WordPress dashboard

  1. Navigate to Plugins > Add New from your WP Admin dashboard.
  2. Search for miniOrange 2 Factor Authentication (2FA)or Google Authenticator.
  3. Install miniOrange 2 Factor Authentication (2FA) and activate the plugin.

From WordPress.org

  1. Search for miniOrange 2 Factor Authentication (2FA) and download it.
  2. Unzip and upload the miniorange-2-factor-authentication (2FA) directory to your /wp-content/plugins/ directory.
  3. Activate miniOrange 2 Factor Authentication (2FA) from the Plugins tab of your admin dashboard.

= Once Activated [Google Authenticator – Two Step Verification]=
1. Select miniOrange 2-Factor ( 2 factor authentication ) from the left menu and follow the instructions.
2. Once, you complete your setup. Click on the Log Out button.
3. Enter the username and password. After the initial validation, you will be prompted for the 2-factor method you had set up.
4. Validate yourself with the 2-factor authentication(WP 2FA/TFA) method you configured.

Video Guide :

FAQ

How do I gain access to my website if I get locked out using the Google Authenticator?

You can obtain access to your website by one of the below options:

  1. If you have an additional administrator account whose Two Factor (2FA) is not enabled yet, you can login with it.
  2. If you had set up KBA questions earlier, you can use them as an alternate method to login to your website instead of 2FA.
  3. Rename the plugin from FTP – this disables the Google Authenticator (WP 2FA/TFA) plugin and you will be able to login with your WordPress username and password.

For detailed information, Please check on our website. Locked Out.
You can also check our video Tutorial:

I want to enable Google Authenticator 2 Factor authentication (2FA) as the backup method?

You can use google authenticator as the backup method for your specific user or all users in the premium version of the two-factor authentication. [PREMIUM FEATURE]

I have enabled Two-Factor Authentication (2FA/TFA) for all users, what happens if an end-user tries to login but has not yet registered?

If a user has not set up Two-Factor yet, the user has to register by inline registration that will be invoked during the login.

I want to enable only one authentication method for my users. What should I do?

You can select the two-factor authentication methods under the Login Settings tab. The selected authentication methods will be shown to the user during inline registration for example if you select Google Authenticator it will be shown on login. [PREMIUM FEATURE]

I have a custom/front-end login page on my site and I want the look and feel to remain the same when I add 2 factor ?

If you have a custom login form other than wp-login.php then we will provide you the shortcode. Shortcode will work only for the customized login page created from WordPress plugins. We are not claiming that it will work with all the customized login pages. In such a case, custom work is needed to integrate two factor with your customized login page. You can submit a query in our Support Section in the plugin or you can contact us at info@xecurify.com for more details.

I have installed plugins that limit the login attempts like Limit Login Attempt, Loginizer, Wordfence, etc. Are there any incompatibilities with these kinds of plugins?

The limit login attempt kind of plugins limit the number of login attempts and block the IP temporarily. So if you are using 2 factor(WP 2fa/TFA) along with these kinds of plugins then you should increase the login attempts (minimum 5) so that you don’t get locked out yourself.

If you are using any Security Plugin in WordPress like Simple Security Firewall, All in One WP Security Plugin and you are not able to login with Two-Factor.

Our Two-Factor plugin is compatible with most of the security plugins, but if it is not working for you. Please submit a query in our Support Section in the plugin or you can contact us at info@xecurify.com.

If you are using any render-blocking javascript and CSS plugin like Async JS and CSS Plugin and you are not able to login with Two-Factor or your screen got blank.

If you are using Async JS and CSS Plugin. Please go to its settings and add jquery to the list of exceptions and save settings. It will work. If you are still not able to get it right, Please submit a query in our Support Section in the plugin or you can contact us at info@xecurify.com.

My phone has no internet connectivity and I am entering the one time passcode from miniOrange Authenticator App, it says Invalid OTP?

Click on the Settings Icon on top right corner in miniOrange Authenticator App and then press Sync button under ‘Time correction for codes’ to sync your time with miniOrange Servers. If you still can’t logged in then please email us at info@xecurify.com or Contact us.Soft Token method is just like google authenticator method.

I am upgrading my phone.

You should go to Setup Two Factor (2FA) Tab and click on Reconfigure to reconfigure 2-Factor with your new phone.

Reviews

Excellent Support

Duujal 4, 2022
Soham and Mayur were able to fix all of my issues and always did so in a timely manner. The premium plugin works as advertised. Very happy with my decision to support this company.

Good recovery

MBooy 8, 2022
Had some issues but good recovery from customer services and now app is set up properly. I think the app could be better supported with clearer user education beforehand. There is a lot of tricky set upon issues for the new user. But the follow-up support was very helpful.

Had problems with logging in but support was a great help

Siilo 20, 2022
I had installed the plugin on 2 WP sites and for whatever reason I logged myself out on 1 site. The support has been very helpful and solved the problem for me. A big big thank you to Mintu Kumar from the support team! Everything works fine now! 🙂

Update forces a trial notice that CANNOT be dismissed

Siilo 18, 2022
Have used this plugin for years... no issues. However, the latest update pushed on a WP notice on every single dashboard page to upsell their premium subscription. However, the "Dismiss" and the "Never Show Again" buttons do absolutely nothing. After 24 hours of back and forth with their support, they claim it is fixed. It's not. It's on every single one of my sites, clearly an issue with the plugin updates. Until they actually fix their issue (a breach of WP plugin policy to use notices that cannot be dismissed) - find a better 2FA plugin. I'd give this a 0 if I could.
Read all 320 reviews

Contributors & Developers

“miniOrange's Google Authenticator – WordPress Two Factor Authentication (2FA , Two Factor, OTP SMS and Email) | Passwordless login” is open source software. The following people have contributed to this plugin.

Contributors

Translate “miniOrange's Google Authenticator – WordPress Two Factor Authentication (2FA , Two Factor, OTP SMS and Email) | Passwordless login” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

5.5.5

  • Google Authenticator – Two factor Authentication (2FA, OTP) :
  • Compatibility with WordPress v6.0
  • Added SMS transactions link

5.5.4

  • Google Authenticator – Two factor Authentication (2FA, OTP) :
  • Minor Bug fix

5.5.3

  • Google Authenticator – Two factor Authentication (2FA, OTP) :
  • UI fixes for non-admin users

5.5.2

  • Google Authenticator – Two factor Authentication (2FA, OTP) :
  • Updated Plugin UI

5.5.1

  • Google Authenticator – Two factor Authentication (2FA, OTP) :
  • Updated Pricing page UI

5.5

  • Google Authenticator – Two factor Authentication (2FA, OTP) :
  • Updated Network Security UI

For older changelog entries, please see the additional changelog.txt file provided with the plugin.

Meta

Ratings

See all
Log in to submit a review.

Support

Issues resolved in last two months:

3 out of 3

View support forum

Donate

Would you like to support the advancement of this plugin?

Donate to this plugin