內容簡介
Cloudbridge 2FA 外掛提供簡單的雙重身份驗證功能,要求使用者在登入 WordPress 時輸入一次性密碼(OTP)。此外掛支援電子郵件和 TOTP 認證應用程式,增強網站安全性。
【主要功能】
• 支援六位數電子郵件密碼
• 支援標準的 TOTP 認證應用程式
• 可設定特定角色使用 2FA
• 提供 QR 碼和手動設置金鑰
• 自訂 OTP 輸入表單文字
• 允許某些角色跳過 OTP 驗證
外掛標籤
開發者團隊
原文外掛簡介
This plugin provides uncomplicated 2FA functionality for WordPress. It will
allow you to require a second, one time password or OTP, code to be entered
when certain (or all) users attempt to log in to WordPress.
The plugin supports two factor methods:
six-digit codes sent by e-mail
standards-based authenticator apps using TOTP
The e-mail code has a limited lifetime (defaults to 15 minutes). Once a code
has been consumed, it is considered invalid.
Authenticator app setup is handled from the user’s own profile page. The plugin
provides a QR code, a manual setup key, and recovery codes for when the
authenticator app is not available.
You may configure that only certain roles are required to use 2FA, and it is
recommended that you enable 2FA for those users with privileged access.
You may also configure the plugin to allow certain roles to enable an OTP code
bypass, which will set a cookie in that user’s web browser. The cookies are
partially based on the username, so several users can share the same browser,
but still be required to always enter the OTP code, or bypass it if the cookie
is present.
You can add custom text to the OTP code entry form, and you can add custom text
to the OTP code e-mail message.
The plugin can be configured to allow it to be handled/managed only by specific
users, thus making it harder for someone to accidentally or intentionally
deactivate it. The implemented solution for this is by no means waterproof. If
someone, for example, has access to your WordPress installation by means of FTP
or similar, the plugin files can be physically removed (or moved out of your
WordPress installation), which basically deactivates the plugin as well.
Credits
The Cloudbridge 2FA Plugin was written by Joaquim Homrighausen while converting caffeine into code.
Cloudbridge 2FA is sponsored by WebbPlatsen i Sverige AB, Sweden.
Commercial support and customizations for this plugin is available from WebbPlatsen i Sverige AB in Sweden.
If you find this plugin useful, the author is happy to receive a donation, good review, or just a kind word.
If there is something you feel to be missing from this plugin, or if you have found a problem with the code or a feature, please do not hesitate to reach out to [email protected].
This plugin can also be downloaded from code.webbplatsen.net and GitHub
More detailed documentation is available at https://code.webbplatsen.net/documentation/cloudbridge-2fa/
Kudos to Kev Quirk for Simple CSS
QR code setup on the authenticated profile page uses QR Code Generator for JavaScript by Kazuhiko Arase (MIT license).
