Sep 062022
 

AIOS Two Factor Auth Settings helps you activate and manage two factor authentication in your site and more.

Last Updated: November 6, 2023

Latest News: Updated the documentation.

AIOWPS plugin has added the Two factor auth feature to better secure your site when login in. This is another great feature in this already great security plugin to better prevent unauthorized logins into your site. Part of this new feature is also Premium. Make sure you test this feature carefully before login out of your admin panel.

Note: If you activate two-factor authentication, then verify that your two-factor application and this page show the same One-Time Password (within a minute of each other) before you log out.

What you need:

AIOS Two Factor Auth Settings

Step 1 ) Go to WP Security -> Miscellaneous admin sidebar menu as illustrated in the image below.

aios-two-factor-auth-admin-menu

Activate two facto authentication

Step 2 ) The following image Activate two facto authentication allows you to set up the following options.

Activate two facto authentication option

  • Enabled (Current code 318600) (Note: This code will be different in your settings)
  • Disabled
  • Click on Save Changes button once you complete this option.

aiowps-two-factor-auth-activation-option

Current one-time password (update)

Step 3 ) The following image Current one-time password (update) allows you to set up the following options.

Current one-time password (update) options

  • Update the one time password.
  • Reset the private key.
  • Setup the emergency code. (Note: This is a Premium feature)

aiowps-two-factor-auth-one-time-password

Advanced settings

Step 4 ) The following image Advanced settings allows you to set up the following options.

Advanced settings options

  • TOTP (time based – most common algorithm; used by Google Authenticator)
  • HOTP (event based)
  • Click on Save Changes button once you complete this option.

aiowps-two-factor-auth-advanced-settings

Two Factor Authentication Admin Settings

Step 5 ) The following image Two Factor Authentication Admin Settings allows you to set up which user role will have two factor authentication option available for activation in their account.

Two Factor Authentication Admin Settings Options

  • Default WordPress User Roles
    • Administrator
    • Editor
    • Author
    • Contributor
    • Subscriber
  • Other Plugins User Roles (Note: In your site you might have different user roles available from other plugins.)
    • FDP Manager
    • FDP Viewer
  • Click on Save Changes button once you complete this option.

aiowps-two-factor-auth-admin-settings

Two Factor Auth for New Registrations

Step 6 ) The following image shows you the Two Factor Auth feature illustrated on the admin sidebar for the new registered user (Subscriber) in your site. The new subscriber needs to set up the two factor authentication feature in their account to activate the 2FA for their login. They need to follow the same instructions mentioned in Step 2 ) and Step 3 ) above.

aiowps-two-factor-auth-new-registration-activation-option

Step 7 ) The following image shows you the One Time Password (i.e. 2FA) field displayed to the subscriber after they have activated the two factor auth in their account, logged out and logged back in. This field is displayed in the second screen after they enter their username and password and click on the first displayed Log In button. Then they enter their one time password and click on Log In button again.

Note: One Time Password (i.e. 2FA) is based on the option selected in Step 4 ) above.

aiowps-two-factor-auth-one-time-password-login-widget

FAQ

Q1 Do you have a php code snippet that can be used to turn off 2FA temporarily?

Answer: Yes, add  define(‘TWO_FACTOR_DISABLE’, true); in wp-config.php file. This will disable 2FA. When you want to enable 2FA again remove the code or set it to false. Click the following link forum post to learn more.

=========

Q2 Is there some way for subscribers/members to set up and manage 2FA on the front end?

Answer: Yes, it is possible to manage the front-end editing of the settings, via short code. You have to place the shortcode in the correct place below edit profile somewhere in your front end page. Click the following link forum post to learn more.

========================================

The above features create extra security protection in your site when login in.

If you have any questions please let me know.

Enjoy.

All In One Security (AIOS) Plugin Tutorial List

I have been working in IT since 1999 and I enjoy the challenges it brings me. I love developing websites with WordPress. I spend a lot of time helping out in wordpress.org forums. I have been writing tutorials since 2011. Now I am learning how to manage my own VPS "Virtual Private Server.

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

(required)

(required)

eighteen + nine =