miniOrange 2-factor Authentication (2FA with SMS, Email, Google Authenticator)

Description

Features | Setup Guide | Documentation

Secure your WordPress site with Two-Factor Authentication (2FA) plugin

The miniOrange Two-Factor Authentication (2FA) plugin adds an extra layer of login protection to your WordPress website, defending against unauthorized access, brute-force attacks, and password theft.

Whether you’re a beginner or an expert, setting up this plugin is easy with our step-by-step wizard. Choose from Google Authenticator, Microsoft Authenticator, OTP login via email, SMS, WhatsApp 2FA, or Telegram, and more.
Have questions? Reach us at 2fasupport@xecurify.com

What is the 2FA Authenticator Plugin for WordPress?

The 2FA Authenticator plugin for WordPress adds an extra verification step, such as an OTP, beyond just your password. Easy to install and configure, this OTP authentication plugin secures your site without disrupting the user experience.

WordPress 2FA Key Features (Free Version)

• User Role-Based Configuration: Apply 2FA or MFA selectively based on user roles or configure it individually per user for more control over who needs additional verification.
• Backup Access Support: Let users generate and use backup codes to log in when their primary 2FA method is unavailable.
• Guided Setup Wizard: An intuitive step-by-step wizard makes it easy to configure and deploy 2FA—no technical skills required.
• Multi-Language Support: The plugin is translation-ready and supports major languages including French, Spanish, Italian, and German.
• Free for 3 Users: Includes full access to 2FA features for up to three users—ideal for small teams or personal sites.
• Customize Email Templates: Personalize OTP and 2FA emails to reflect your brand and improve user trust.
• 2FA Login Reports & IP Alerts: Track login activity and get email alerts for logins from new IP addresses.
• Custom Post-Login Redirection: Redirect users to any page after 2FA, like a dashboard, homepage, or custom URL.
• 2FA for Popular Login Forms: Enable 2FA on WooCommerce, Theme My Login, Elementor, and other custom login forms.

Which 2FA Authentication Methods Do We Support?

Get support for a wide range of 2FA authentication methods, including Google Authenticator, OTP over SMS/Email, WhatsApp 2FA, Microsoft Authenticator, and more.

1. TOTP-Based Authentication: Our 2FA plugin is compatible with popular authenticator apps including:

   • Google Authenticator: A widely trusted TOTP app that generates rotating login codes every 30 seconds—ideal for fast and offline verification.
   • Microsoft Authenticator: Easily syncs with your Microsoft account and supports time-based one-time passcodes for secure WordPress login.
   • LastPass Authenticator: Combines password management with strong 2FA protection by generating time-based codes linked to your LastPass account.
   • Duo Authenticator: Enterprise-ready authentication app offering secure TOTP codes and push notifications for streamlined two-factor login.
   • Authy 2-Factor Authenticator: Supports multi-device syncing and cloud backups while generating secure TOTP codes for your WordPress login.
   • FreeOTP, and other

2. OTP Authentication:

   • OTP via Email: Send one-time passcodes to users directly via email for secure and convenient login verification with OTP Over Email support.
   • OTP via SMS: Get login codes to users through SMS for fast two-step OTP login verification on mobile devices.
   • OTP over Telegram: Use Telegram for OTP authentication if you prefer messaging-based login verification.
   • OTP over WhatsApp(Premium): Use WhatsApp 2FA to send login passcodes directly to the user’s WhatsApp account for a faster and familiar authentication experience.

3. Email Verification via Link: Let users verify their login using a secure one-click email verification link—no passcode entry needed.

4. Security Questions: Add a personal security layer by asking predefined questions during login, ideal as a backup or secondary method.

5. SMS Verification via Link(Premium): Enable users to verify their login using an SMS verification link.

Upgrade to miniOrange 2FA Premium for Advanced Security

The premium plan of miniOrange WordPress 2FA gives you complete control over how users authenticate, helping you enforce policies across all roles, customize the login experience, and secure even the most complex WordPress setups.
With the premium Two Factor Authentication plugin, you gain access to more verification methods like unlimited OTP login via email/SMS, WhatsApp 2FA, trusted device support, multisite compatibility, and full branding capabilities—perfect for growing businesses, eCommerce platforms, and enterprise teams.

Premium Features List

• 2FA for All Users & Roles: Enforce 2FA across your entire website or apply it selectively to specific user roles or individual users.
• Unlimited Email OTP Transactions: Send unlimited email-based one-time passcodes—ideal for large-scale user bases and frequent login environments.
• Role-Based 2FA Policies: Create different 2FA rules for each user role—require stronger authentication for admins while offering simpler methods for customers.
• User-Specific 2FA Management: Enable or disable 2FA for individual users directly from their profile or admin settings.
• Backup Login Options: Allow users to log in using alternate methods like security questions, email-based OTP, or backup codes when the default method is inaccessible.
• Custom Redirect After 2FA: Send users to a specific page (dashboard, custom welcome, etc.) after completing 2FA authentication.
• Custom Labels in Authenticator Apps: Customize the account name shown in Google Authenticator and other apps for clearer identification.
• Custom Security Questions: Set your own challenge questions to match your organization’s security policies.
• Force 2FA Setup on Login: Automatically prompt users to configure 2FA on their next login and restrict access until it’s enabled.
• Email Notifications for 2FA Setup: Send automated emails reminding users to set up their 2FA—improving compliance without manual follow-up.
• Trusted Devices Feature: Let users remember their device or browser to bypass 2FA on trusted systems for future logins.
• Customizable Login UI: Easily style 2FA prompts and popups to match your theme and brand—no coding needed.
• Multisite Compatibility: Support for WordPress multisite networks, with 2FA settings across up to 3 subsites included.
• White Labeling & Branding: Fully rebrand the plugin with your logo, colors, and email templates to offer a seamless branded experience.
• Shortcodes for User Profile Controls: Add 2FA management shortcodes to user account pages so users can enable, disable, or reconfigure their 2FA settings.
• Session Management Controls: Restrict users from logging in on multiple devices simultaneously to prevent unauthorized access or credential sharing.
• Passwordless Login: Let users log in using a one-time passcode—no password required—while maintaining strong account security.
• Support for Custom & Third-Party Login Forms: Works seamlessly with plugins like UserPro, Login with Ajax, Theme My Login, and more.
• Custom SMS Gateway Support: Integrate your own SMS gateway to send OTPs, giving you full control over delivery, cost, and sender branding.
• Remember IP to Bypass 2FA: Mark trusted IP addresses to skip 2FA prompts and streamline login for internal users or safe environments.
• Prevent Credential Sharing: Restrict multiple logins from different IPs or devices, helping you enforce strict account access policies and stop sharing.
• Custom Form Integration: Add 2FA to any custom login form—even those not on the supported list—through flexible integration and custom support.

Which 2FA Authentication Methods Do We Support?

Step 1. Install and Activate

Search for the miniOrange Two-Factor Authentication plugin on the WordPress marketplace, then install and activate it from your dashboard.

Step 2. Enable 2FA from Form Settings Tab

Enable 2FA from the quick setup tab, choose user roles, and save your settings.

Configure 2FA Method of Your Choice

Select and set up your preferred 2FA authentication method, such as Google Authenticator, OTP over SMS, or WhatsApp 2FA, from the available options while logging into the form for first time.

Built to Integrate Seamlessly

Two Factor Authentication – WordPress 2FA/MFA plugin is compatible with popular plugins such as:-

• WooCommerce
• Ultimate member
• Buddy Press
• Elementor Pro
• Login With Ajax
• User Registration
• Restrict Content Pro
• Login Press
• Registration Magic
• Admin Custom Login
• Theme My Login
• Profile Builder and many more.

Have a plugin not listed here? We offer custom integration support—just reach out.

Third-Party Custom SMS Gateway for OTP via SMS

The premium version of the miniOrange Two-Factor Authentication plugin supports any third-party SMS gateway for OTP-based login via SMS.
Whether you already use a custom SMS provider or need to integrate with a local/regional provider, you can easily configure it within the plugin
Famous SMS gateways supported by Two Factor Authentication – WordPress 2FA plugin.

Why You Need to Register with miniOrange?

Some features of the plugin, such as OTP via SMS or Email in the Free plugin, require secure transactions needed to be credited to your account use this method through miniOrange Gateway.
However, most features work even without registration, including TOTP apps like Google Authenticator, Microsoft Authenticator, security-based questions and backup codes.

Customized solutions and active support for the miniOrange Google Authenticator or Two Factor Authentication(2FA) plugin are available. Email us at info@xecurify.com/2fasupport@xecurify.com or call us at +1 9786589387.