Brian Haas
Forum Replies Created
-
Forum: Reviews
In reply to: [Two Factor] Users can undermine, only suitable for adminHi @kloproterra,
You’ve identified a genuine, well-known limitation of this plugin. The Two Factor plugin currently works on a voluntary, per-user basis — each user must opt in to configure a second factor themselves. There is no built-in way for a site administrator to require that users in certain roles have 2FA configured before they can access the site. This gap is consistently the most-requested missing feature in the plugin.
There is an open GitHub issue (#846) tracking role-based enforcement as a planned feature, but it isn’t in the plugin yet.
Sorry the plugin doesn’t meet your use case in its current state — hopefully the enforcement feature lands in a future release.
Forum: Reviews
In reply to: [Two Factor] worked and super fast support time.Thanks @bowerwebsolutions – we appreciate your review !
Forum: Plugins
In reply to: [Two Factor] customize 2fa vailidation screenThe email code validation screen showing the WordPress logo is actually not specific to the Two Factor plugin — this is WordPress core behavior. WordPress uses the same login page styling (with the WP logo) for all login-related screens by default, including the 2FA validation step.
To customize it with your own logo and branding, you can use the built-in
login_enqueue_scriptsandlogin_headerurlhooks that WordPress provides natively — no plugin needed. If you want a more complete solution with full theme branding, there are a lot plugins in the repository. See here: https://ww.wp.xz.cn/plugins/search/login+page+customizer/Since the 2FA validation screen reuses WordPress’s standard login page template, this customization will apply to it automatically — no special handling for the Two Factor plugin is required.
Forum: Plugins
In reply to: [Two Factor] Two-factor 0.14.2 works, 0.15.0 doesn’tHi everyone,
I believe these are two separate issues. I’ve drafted a fix for the WPML / multi-domain setup which you can find here: https://github.com/WordPress/two-factor/pull/886
If you’re affected, please test and let us know whether it resolves the issue for you. Feel free to leave feedback directly on the PR as well — that helps us track it in one place.
Forum: Reviews
In reply to: [Two Factor] ExcellentThank you so much for the kind review @aelbo! 🙏
Forum: Plugins
In reply to: [Two Factor] Authenticator App IconHey @technabob
Thank you very much for opening this support request 🙂
The icon shown in authenticator apps comes from your site’s favicon. The Two Factor plugin passes your site URL as the issuer when generating the QR code, and apps like Google Authenticator or Authy use that to fetch and display the favicon.
A few things to check on the site where the icon isn’t showing:
- Make sure a Site Icon is set — go to Appearance → Customize → Site Identity and upload a square image (512×512px is recommended).
- Re-add the account in your authenticator app — many apps fetch the icon only once, at the time you scan the QR code. If the favicon wasn’t set back then, the app won’t show it even after you add one. Removing and re-adding the 2FA account (after setting the favicon) should pick it up.
- Use a standard format — a square PNG works best. Some apps struggle with SVG or non-square favicons.
Hope that helps!
Forum: Reviews
In reply to: [Two Factor] Version wordpress 6.9.4Hey @mjezegou35
Thanks for reaching out! Our support policy covers the current and previous major versions of WordPress.
With WordPress 6.9 being the latest release, we actively support 6.8 and 6.9. Since you’re on 6.6.2, that version falls outside our current support window, which is why we’re unable to guarantee compatibility or troubleshoot activation issues on that version.
We’d strongly recommend upgrading WordPress to 6.9 — the current plugin release is fully compatible and multisite network activation will work as expected.
If upgrading isn’t an option right now, you can install an older release of the Two Factor plugin as a workaround. We’d suggest version 0.14.2, which is the last release before the minimum WordPress requirement was raised to 6.8.You can download it here:
https://github.com/WordPress/two-factor/releases/tag/0.14.2
Please note: we don’t recommend staying on an older plugin version long-term, as it won’t receive bug fixes or security updates. This should only be a temporary solution while you plan your WordPress upgrade.
Let us know if you have any other questions!Thank you @singhamritwp for the kind words — really glad the setup experience feels smooth and the range of verification methods works for your needs.
The Two-Factor plugin is a community effort, and feedback like this keeps contributors motivated. If you ever run into edge cases or have feature ideas, the GitHub repo is always open.
Forum: Plugins
In reply to: [Two Factor] two-factor 재검증이 불가능할 경우Hi @yeosunhui
I understand you no longer have access to your Authenticator app and didn’t activate recovery codes. Now you want to reset Two Factor authentication . Here are your options:
If you have access to the WordPress admin through another admin account, you can manage the user’s 2FA settings directly from Users → [username] → Edit. This allows you to reset the TOTP and let the user set it up again.
If you dont have another admin access let me know!
Forum: Plugins
In reply to: [Two Factor] TOTP codes from Apple Passwords are wiped on the login screenThanks @paulhengold ! I just moved this over to github to track this issue going forward: https://github.com/WordPress/two-factor/issues/880
Forum: Plugins
In reply to: [Two Factor] l10n issue (at least for German)Hallo / Hey @thomascloer
Thank you very much for raising this issue. I’ve opened a GitHub issue to track this on the development side: https://github.com/WordPress/two-factor/issues/872
Hope we can solve this issue fast! 🙂
Greets
BrianForum: Plugins
In reply to: [Two Factor] Plugin stopped workingNo issue, thank you for the fast feedback!
If the Two Factor plugin is keeping your sites secure day-to-day, we’d really appreciate it if you took a moment to leave a review — it helps others discover the plugin. 🙂
Forum: Plugins
In reply to: [Two Factor] Plugin stopped workingHey @johan-stam
Thanks for the report — sorry to hear it stopped working across multiple sites. To help narrow this down, could you share a few more details?
- What 2FA method(s) are you using? (Email, TOTP/authenticator app, backup codes, etc.)
- What exactly happens when you try to log in? Do you reach the 2FA screen at all, or does it fail before that? Any error messages?
- Which SMTP plugin are you using? Even without logs, knowing the plugin may help identify a compatibility issue.
- Are all three sites on the same host or different hosting environments?
- Can you temporarily enable WordPress debug logging (
WP_DEBUGandWP_DEBUG_LOGin wp-config.php) and check/wp-content/debug.logfor any errors during a login attempt?
Any details you can share will help a lot!
Thanks!
Forum: Plugins
In reply to: [Two Factor] Two-factor 0.14.2 works, 0.15.0 doesn’t@therab @edwardpiou any chance your also using a multi-domain / multi-language setup with WPML or a similar plugin?
Forum: Reviews
In reply to: [Two Factor] Easy install, light speedHi @yorlinqnl,
Thank you very much for taking the time to share a review! 🙏