Urgent: 2FA Implementation Issue on iThemes Security Plugin
-
Just a heads-up to everyone managing a website: I’ve enabled 2FA on our iThemes Security plugin and unfortunately, it’s broken the admin login. I’m stuck at the login screen and can’t proceed further. Clicking on pass won’t do anything, and continue is grayed out.
Status:
- FTP Access: Yes
- Admin Login: Broken
I’m working to restore settings from a backup but if anyone has experienced this and has a solution, please share.
-
Version 9.0.0
We experienced difficulties with the Two-Factor Authentication (2FA) first time configuration during the login process. Due to this, we’ve disabled 2FA in the wp.config.php with the following line:
define( 'ITSEC_DISABLE_TWO_FACTOR', true ); // Disable 2FAWe also noticed that the for 2FA at login with application option is broken (service unavailable at this moment). We had to use recovery code to login.
Given these issues, the 2FA feature does not appear to be production-ready.
And when we click on the link, “Learn how to disable 2FA”: 403 Forbidden (solidwp.com)
403Hi @helpye,
I believe your question has been answered/issue has been resolved so per the Forum Guidelines, please mark this topic as “Resolved”.
Would be nice if the next release would also include a fix for the typo in the “Learn how to disable 2FA” link. Exact details are outlined in my second post to this topic.
Just to be sure I checked line #516 of the v9.0.1 core/modules/two-factor/providers/class.two-factor-totp.php file. I can confirm the typo is still there.
The topic ‘Urgent: 2FA Implementation Issue on iThemes Security Plugin’ is closed to new replies.
