Allows administrators to either nag users to enable two-factor authentication, or force them to enable it.
| Author: | Ian Dunn (profile at wordpress.org) |
| WordPress version required: | 3.1 |
| WordPress version tested: | 4.9.25 |
| Plugin version: | 0.2 |
| Added to WordPress repository: | 15-12-2013 |
| Last updated: | 23-04-2021
Warning! This plugin has not been updated in over 2 years. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.
|
| Rating, %: | 86 |
| Rated by: | 3 |
| Plugin URI: | http://wordpress.org/plugins/google-authentic... |
| Total downloads: | 8 636 |
| Active installs: | 100+ |
 Click to start download |
|
The Google Authenticator plugin is a great way to add two-factor authentication to your site, but in order for it to work, users have to activate it for their account themselves. They may not know that it’s available, or may not be motivated to enable it.
This plugin helps administrators to encourage users to activate it, and has three different methods for doing that, depending on how strict you want to be:
- Gently Nag the user: A warning message will appear at the top of the Dashboard and Profile screens, asking them to enable two-factor authentication. The message goes away when they enable it. This is the default behavior.
- Persistently Nag the user: The warning will appear at the top of all screens until they enable two-factor auth.
- Force the user: The warning will appear on all screens, and the user will also be prevented from doing anything inside wp-admin until they activate two-factor auth. They’re temporarily assigned the role of a Subscriber, and redirected to their profile whenever they try to access another screen. Once they enable two-factor auth, their original role is restored and they can access other screens again.
Keep in mind that the Google Authenticator plugin doesn’t require users to enter a valid 2FA code from their phone during the activation process, so some users may not set it up correctly and lock themselves out of their account. This is unfortunate and may result in more support requests, but it’s a small price to pay for increased security.
Screenshots
FAQ
ChangeLog