Authentication without App | ww.wp.xz.cn

Resolved troop236bsa
(@troop236bsa)

9 years, 2 months ago

Hello,

I love this plugin – super simple and it works with TML! However, I was wondering if there could be a way for users to authenticate their login without an app?

It would be rather difficult to ask all the members of my site to install an app on their phone, computer or browser just to authenticate their login.

I was wondering if an email could be sent with an authentication code instead, since every account has an email attached to it? Is there a way for the plugin to do this?

Viewing 2 replies - 1 through 2 (of 2 total)

Plugin Author David Anderson / Team Updraft
(@davidanderson)

9 years, 2 months ago

Hi,

We decided not to implement the sending of codes by email for two reasons:
1) Email delivery is unreliable, and this leads to use frustration. Especially since under the standard TOTP protocol (which this plugin uses), one-time codes are valid for a short time.
2) For the majority of users, email isn’t a true second factor, because WordPress allows them to reset their password via email. So, if both of those go to the same account, then there’s only one factor – access to one thing (the email account) gets you everything.

David

Thread Starter troop236bsa
(@troop236bsa)

9 years, 2 months ago

David,

Thanks for the quick reply.

That’s fair enough. Thought I’d ask!

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Authentication without App’ is closed to new replies.

Tags

2 replies
2 participants
Last reply from: troop236bsa
Last activity: 9 years, 2 months ago
Status: resolved