2FA is a protection system passed in two steps, meant to remove any unauthorized logins.Official Documentation Link: https://awwo.link/jeZgv
Activate system through the Checkbox next to the section title and Save Changes.
2FA short for Two Factor Authentication, is a protection system passed in two steps, meant to remove any unauthorized logins. This system allows users to use a one-time generated code in order to confirm identity during the authentication process. These codes are generated by an app installed on a smartphone. Use [cw_2fa_protection] shortcode for security setup dashboard display and [cw_2fa_emergency_codes] emergency codes page.
In order to setup 2FA Protection, you’ll need a smartphone. Then, you have to download and install from the App Store or Google Play, an app called Google Authenticator or Authy (recommended, has cloud backup services in case you change or lose your phone). Once you pass app setup stage, please scan the QR code in order to generate temporary login codes. If the app on your phone is showing the same code as the one in this page (check current authentication code), it means you have successfully configured your account protection.
Activate System through the Checkbox next to section title and Save Changes.
- Enable Protection for: Activate 2FA based on User Role (Administrator, Editor, Author, etc.).
- Enable Password Check First: Verify password before 2FA code submission.
- Enable Compulsory Protection: Force users to activate 2FA.
- Enforce 2FA Activation in: Define 2FA activation timeframe.
- Hide 2FA Disable Button: Remove user’s ability to disable 2FA once activated.
- Redirect Link after Expiration: Setup a redirect link for cases when users did not fulfil 2FA Activation.
- 2FA Configuration Link: Setup a link for users to follow when they want to activate 2FA.
- 2FA Period Extension Email Subject: Setup email subject for period extension, which can be personalized.
- 2FA Period Extension Email Content: Setup email body content for period extension, which can be personalized.
- Enable Trusted Devices: Enable users to bypass 2FA input on trusted devices for a period of time.
- Request New Two-Factor Code After: Define time interval for trusted devices bypass.
- Emergency Codes Volume: Define a number of backup codes an user can get for account recovery in case of lost 2FA App access.
- Emergency Codes Page: Setup page access by inserting [cw_2fa_emergency_codes] shortcode.
- Invalid Token Message: Customize error message for situations where 2FA codes are wrongly typed in.
- Invalid Emergency Token Message: Customize error message for situations where an emergency code is wrongly typed in.
- Frontend Section Content: Instructions for 2FA setup inside preferred account endpoint.
Reset Section Settings using the checkbox and Save Changes button in order to remove database entries.