Beskrivelse

Anvend totrinsgodkendelse afsnittet under “Brugere” “Din profil” til at aktivere og konfigurer en eller flere totrinsgodkendelse udbydere for din konto:

E-mail koder
Tidsbaseret engangskoder (TOTP)
FIDO Universal 2nd Factor (U2F)
Backup koder
Dummy Metode (kun udviklingsformål)

Se mere historik i dette indlæg.

Actions & Filters

Her er en liste med action og filer hooks som er understøttet af plugin’et

two_factor_providers filter overrides the available two-factor providers such as email and time-based one-time passwords. Array values are PHP classnames of the two-factor providers.
two_factor_enabled_providers_for_user filter overrides the list of two-factor providers enabled for a user. First argument is an array of enabled provider classnames as values, the second argument is the user ID.
two_factor_user_authenticated action which receives the logged in WP_User object as the first argument for determining the logged in user right after the authentication workflow.
two_factor_token_ttl filter overrides the time interval in seconds that an email token is considered after generation. Accepts the time in seconds as the first argument and the ID of the WP_User object being authenticated.

Bliv involveret

Udviklingen sker på GitHub. Deltag på #core-passwords kanalen på WordPress Slack (Tilmeld dig her).

Sådan kommer du i gang:

$ git clone https://github.com/wordpress/two-factor.git
$ npm install

Åbn herefter en pull request med de foreslående ændringer.

Skærmbilleder

Indstillinger for totrinsgodkendelse under brugerprofiler.
Afsnittet U2F sikkerhedsnøgler under brugerprofiler.
E-mail kode godkendelse under WordPress log ind.

Anmeldelser

Linmp 14. oktober, 2020

FIDO U2F support is very nice!

Stephen Sabatini 13. oktober, 2020

If you value your security - this is a no-brainer.

amanpreetsidhu 26. september, 2020

Love it! Thank you!

Phil Johnston 19. september, 2020

This plugin is working great and was incredibly easy to set up. Excellent work. This is a hugely important project for the entire WordPress community. Thank you! 2Factor is a security standard that everyone should use. With WordPress being used on 30% of websites, having this in WordPress core would be a huge security win for an enormous chunk of the internet. For some, its existence in core may be their first introduction to 2Factor, which is a huge opportunity to not only be more secure, but to educate people. Having it in core would also allow for a standard to be set, and for login flows from plugins to utilize 2factor in a reliable way (think logging in over Headless, or though a WooCommerce login-form on a receipt page, etc). I'm 100% on team lets-get-this-in-core.