Hi @intercettazioni, thanks for reaching out and sorry to see the 2FA codes don’t seem to work with your site any more.
If you don’t have the recovery codes to gain access, you can get back into your site using the methods below. The first way is if you have added the site in Wordfence Central (a free site management tool in your account on wordfence.com):
- Login to Wordfence.com and look for the Configuration tab.
- Click the gear icon at the end of the row that the site you need to access is on.
- Scroll down to the Login Security Options section and expand it by clicking the small black arrow to the right.
- In the section that says “Whitelisted IP addresses that bypass 2FA” add your public facing IP address.
NOTE : You can get your public facing IP by clicking this link.
- Scroll back to the top of the screen and save the changes.
- You should now be able to login to your site with just a username and password.
If you haven’t added your site to Wordfence Central follow these steps:
- Please use FTP/SFTP — or any file manager your web host provides via their administration panel.
- Look inside the /wp-content/plugins/ directory and rename the wordfence directory to wordfence.bak. This will deactivate Wordfence and allow you to login without the 2FA code.
- Once you have logged in to your WordPress admin you can name the folder back to wordfence again.
- Go to your user profile and add 2FA back to your account, making sure to download the backup codes in case of problems in the future.
You shouldn’t be able to reenable 2FA unless the codes correctly match at the time of activation, so they should continue to work with your device going forward if they match at this initial point.
Thanks,
Peter.
