2FAS Light – Google Authenticator

Description

Secure your WordPress Administration area with 2FAS Light plugin

Every time you log in to a WP-admin panel, 2FAS Light plugin checks if the device has already been trusted. In case the device has not been trusted, the user will be asked for a security code generated by Google Authenticator mobile app.

2FAS plugin also works with other mobile applications that generate tokens, such as: Microsoft Authenticator, Authy, Free OTP, 2STP, OTP Auth.

Install & use

You do not need to register, create a special account, log in or take any other complicated action to use 2FAS Light plugin. All you need to do is install it and activate it in your WordPress. What is more 2FAS Light plugin does not communicate with any external sites. All data needed to make plugin work properly are stored in WordPress database.

Free for all users

Some WordPress plugins are free for only one user as they require fees when you want other users to join you. 2FAS Light plugin is entirely free for all WordPress users.

Get instant protection against:

Brute-force attacks

When undergoing a brute-force attack, your password can be discovered by the attacker. This is the only vulnerability you will experience with 2FAS Light. 2FAS Light’s intelligent security feature provides a finite amount of time in which the attacker access the correct token. After the access period has ended, the attacker is locked out for security reasons.

WordPress takeovers

Many people use the same password or a similar password for many online services. Repeatedly used passwords remain are vulnerable in cyberspace. Using the 2FAS Light plugin on your WordPress site makes access without a 2FAS Light registered device very difficult.

Phishing and keylogger attacks

If you’re not completely sure that the devices used by you or your sub-users are completely free of keyloggers and viruses, then using 2FAS Light to protect your WordPress site from security breaches is a great solution!

Any password discovery attempt is useless with 2FAS Light. Without the token generated by your 2FAS Light, conventional access to your WordPress site is almost impossible.

Support

For more information check out our website at https://2fas.com

If you need our support, please contact us at support@2fas.com

Captures d’écran

  • The first step of the login process — providing the login and the password
  • The second step of the login process — providing the token on an untrusted device
  • Configuring the two-factor authentication in the 2FAS Light plugin

Installation

  1. Log in to your WordPress administration area and go to the « Plugins » menu option on the left side.
  2. Click the « Add New » button at the top of the page.
  3. Search for « 2FAS Light » and click the « Install Now » button.
  4. When 2FAS Light successfully installs, click the « Activate » link.
  5. Go to the 2FAS Light menu option and follow the steps of the plugin wizard (scan the QR code and provide your token in order to verify it).
  6. That’s it! Now your WordPress administration area is protected by 2FAS Light.

Plugin requirements:

  • PHP 5.3 or newer (PHP 7.3 is recommended)
  • PHP extensions: GD, Multibyte String, OpenSSL
  • WordPress 3.6 or newer
  • JavaScript enabled

Warning: The plugin is currently not compatible with multisite installations.

If you have any problems with the installation please contact us at support@2fas.com

FAQ

Why do I need the 2FAS Light plugin?

If you’re not completely sure your devices or ones used by your sub-users are completely free of keyloggers and viruses, then it is a great solution.

Without the token generated by your smartphone, any password discovery attempt will be useless with 2FAS Light plugin.

Do I need to enter a token each time I log in to the WordPress admin?

No, it is not necessary. The 2FAS Light plugin determines whether or not the user is required to enter a token as an additional form of authentication.

What do I need to do to start using the 2FAS Light plugin?

The most common way to use the 2FAS Light plugin is to configure your smartphone to generate tokens. You can download any Time-based One-Time Password (TOTP) app (e.g. Google Authenticator, Authy, FreeOTP, etc.).

Can I use a browser extension instead of my smartphone to generate tokens?

Yes, you can; however, it isn’t as safe as using your smartphone.

The main idea of the two-factor authentication is based on using different devices or channels, which can verify a user. When you are using a browser extension, then you are not protected from malware or viruses, which can catch your token.

Is it free?

Yes, it is completely free.

You can either use it privately or for commercial usage without any fees.

Avis

20 octobre 2019
I've been using this plugin to 2 factor authenticate users on my site for a few months now, and I can attest that it's Campbell-Soup-good, Andy-Warhol-good, Battle For The Planet Of The Apes-good! Not sure it can get much gooder—as the popular saying goes, it does what it says on the can.
13 juillet 2019
Ein unauffälliges Plugin, das sehr effektiv im Hintergrund arbeitet und das Backend des Blogs doppelt absichert. Funktioniert prima und störungsfrei.
29 mai 2019
I really like this plugin. The only issue I have is that I use a staging site and upon restoring I have to disable it as the restored site doesn't accept my second-factor key. The previous plugin I used worked fine on restore. The sites sit on the same server, so it doesn't appear to be time offset. If this worked it'd be 5 stars. Thanks!
6 mai 2019
It works fine but when I updated some weeks ago I couldn't enter and I had to restore a previous version of the plugin to solve it
29 avril 2019
2FAS Light is an excellent WordPress plugin that i have been using for over a year without any problems. 2FAS Light is a WordPress plugin developed with really good code that uses few resources and is really light. Furthermore the 2FAS Light plugin developers for WordPress provide an excellent, fast and professional assistance service. The WordPress 2FAS Light plugin does exactly what it promises and does it really well. For me the 2FAS Light plugin for WordPress greatly increases the security of websites developed with WordPress. 2FAS Light plugin for WordPress is excellent and i recommend it to everyone !
Lire les 24 avis

Contributeurs & développeurs

« 2FAS Light – Google Authenticator » est un logiciel libre. Les personnes suivantes ont contribué à cette extension.

Contributeurs

Journal

1.2.0 (Oct. 9, 2019)

  • Added compatibility with multisite
  • Minor frontend fixes
  • Fixed issue with deleting all plugin’s data during uninstallation
  • Fixed IP in trusted devices

1.1.5 (Apr. 16, 2019)

  • Fixed compatibility with plugins renaming login page

1.1.4 (Apr. 9, 2019)

  • Added compatibility with WooCommerce

1.1.3 (Mar. 6, 2019)

  • Constant DIRECTORY_SEPARATOR is not used anymore
  • Prevent direct access to twofas_light_init.php file

1.1.2 (Feb. 18, 2019)

  • Fixed setcookie function arguments

1.1.1 (Aug. 9, 2018)

  • Fixed PHP errors and warnings occurring during some actions
  • Added plugin’s requirements check during logging in
  • Review notice is shown to every administrator separately
  • Fixed timezones

1.1.0 (Jun. 18, 2018)

  • New layout
  • Improved TOTP time synchronization
  • Added voluntary plugin review request
  • Fixed trusted device cookie deletion
  • Trusted device deletion must be confirmed