Description

Use the « Two-Factor Options » section under « Users » « Your Profile » to enable and configure one or multiple two-factor authentication providers for your account:

Codes d’e-mail
Mots de passe à usage unique basés sur le temps (TOTP)
Second facteur FIDO Universal (U2F)
Codes de sauvegarde
Méthode factice (uniquement à des fins de test)

Pour un historique complet, voyez cet article.

Actions & Filtres

Voici une liste des crochets d’action et de filtre fournis par l’extension :

two_factor_providers filter overrides the available two-factor providers such as email and time-based one-time passwords. Array values are PHP classnames of the two-factor providers.
two_factor_providers_for_user filter overrides the available two-factor providers for a specific user. Array values are instances of provider classes and the user object WP_User is available as the second argument.
two_factor_enabled_providers_for_user filter overrides the list of two-factor providers enabled for a user. First argument is an array of enabled provider classnames as values, the second argument is the user ID.
two_factor_user_authenticated action which receives the logged in WP_User object as the first argument for determining the logged in user right after the authentication workflow.
two_factor_user_api_login_enable filter restricts authentication for REST API and XML-RPC to application passwords only. Provides the user ID as the second argument.
two_factor_email_token_ttl filter overrides the time interval in seconds that an email token is considered after generation. Accepts the time in seconds as the first argument and the ID of the WP_User object being authenticated.
Le filtre two_factor_email_token_length surcharge le nombre par défaut de 8 caractères pour les jetons d’e-mail.
Le filtre two_factor_backup_code_length surcharge le nombre de caractères par défaut de 8 pour les codes de secours. Fournit le WP_User du compte associé en tant que deuxième argument.

Captures d’écrans

Options de double authentification dans le profil du compte.
Section des clés de sécurité U2F dans le profil du compte.
Login with authentication app code.
Login with recovery code.
Login with email code.

FAQ

What PHP and WordPress versions does the Two-Factor plugin support?

This plugin supports the last two major versions of WordPress and the minimum PHP version supported by those WordPress versions.

Comment envoyer un retour ou obtenir de l‘aide pour un bogue ?

The best place to report bugs, feature suggestions, or any other (non-security) feedback is at the Two Factor GitHub issues page. Before submitting a new issue, please search the existing issues to check if someone else has reported the same feedback.

Où puis-je signaler des bogues de sécurité ?

Les contributeurs et contributrices de l’extension ainsi que la communauté WordPress prennent les bogues de sécurité très au sérieux. Nous apprécions vos efforts pour divulguer vos découvertes de manière responsable et nous ferons tout notre possible pour reconnaître vos contributions.

Pour signaler un problème de sécurité, veuillez consulter le programme WordPress HackerOne.

Avis

aria27 8 novembre 2025

The Two-Factor plugin adds reliable two-step verification to your WordPress site. It’s easy to configure, works smoothly with the default login, and supports multiple authentication methods for stronger protection.

olga679 5 novembre 2025

The Two-Factor plugin provides an extra layer of security by adding two-step verification to your WordPress login. It’s simple to configure, reliable, and supports various authentication methods. A great choice for keeping your site safe from unauthorized access.

Abdulrashid Aushev 22 septembre 2025

Helps secure important accounts and data! This will stop unknown device login.

letharaddison 29 août 2025

Essential Security Boost with Two-Factor

michavo73 20 août 2025 3 réponses

A great plugin and absolutely useful and important! Unfortunately, there is a problem that needs to be addressed and resolved: The QR code generated for 2FA apps is reported as incorrect by the 2FAS smartphone app. If you type the code below into the app, everything works fine. This problem did not occur with Google Authenticator. Of course, it seems to be a problem with the 2FAS app, because Google can do it! But shouldn’t the problem be analyzed in more detail on the developer side? I will probably also inform the developer of the app. However, it would certainly be best if the two experts (plugin here and app there) got in touch with each other.

kruthikreddyj 17 juillet 2025

This plugin made it really easy to add two-factor authentication to my WordPress test site. The interface is clean, and the setup took just a few minutes. Works well with email and TOTP apps like Google Authenticator. A must-have for basic security!

Lire les 197 avis