[WordPress] 外掛分享： Flavor 2FA

內容簡介

總結：Flavor 2FA 在不增加複雜性的情況下，為您的 WordPress 網站添加了強大的兩步驟驗證功能。不會有多餘的功能，也沒有混淆的設定 - 只有可靠的安全功能，保護您的網站免受未授權訪問。

問與答：
1. 使用 Flavor 2FA 的哪些特點使其成為一個適合 WordPress 網站的強大驗證工具？
- 零配置即可使用，可以立即使用
- 使用原生 WordPress 風格，與 WordPress 環境無縫配合
- 提供兩種驗證方法：驗證應用程式（例如Google Authenticator, Authy, 1Password）或郵件驗證
- 提供用戶友好型設置，有引導的三步驟流程和 QR 碼掃描功能
- 管理員具有完整控制權，可以強制啟用2FA、重置用戶、管理鎖定狀態

2. 對於使用者而言，Flavor 2FA 提供了哪些功能？
- 可以選擇使用驗證應用程式或郵件驗證
- 提供 10 個緊急情況下的復原密碼
- 提供「信任此設備」選項，可以跳過在個人設備上進行2FA
- 提供簡單、乾淨的驗證界面

3. 為管理員提供了哪些建議或功能？
- 可以針對特定用戶角色要求2FA
- 為新用戶提供寬限期
- 可以強制要求下次登錄時立即設置2FA
- 提供防止暴力攻擊的鎖定保護
- 可以一鍵重置 2FA 或解鎖帳戶
- 可以一目瞭然地查看所有用戶的2FA狀態

外掛標籤

開發者團隊

原文外掛簡介

Flavor 2FA adds powerful two-factor authentication to your WordPress site without the complexity. No bloat, no confusing settings – just solid security that protects your site from unauthorized access.
Why Flavor 2FA?

Zero configuration needed – Works out of the box
Native WordPress styling – Feels like part of WordPress
Two verification methods – Authenticator apps (Google Authenticator, Authy, 1Password) or email codes
User-friendly setup – Guided 3-step process with QR code scanning
Complete admin control – Force 2FA, reset users, manage lockouts

Features
For Users:
* Choose between authenticator app or email verification
* 10 recovery codes for emergency access
* “Trust this device” option to skip 2FA on personal devices
* Simple, clean verification screens
For Admins:
* Require 2FA for specific user roles
* Grace period for new users
* Force immediate 2FA setup on next login
* Lockout protection against brute force attacks
* Reset 2FA or unlock accounts with one click
* See 2FA status for all users at a glance
Perfect For

Agencies managing client sites
WooCommerce stores handling sensitive data
Membership sites with user accounts
Any WordPress site that needs extra security

External services
This plugin uses a third-party service to generate QR codes during the TOTP authenticator app setup process.
QR Server API
When a user chooses the “Authenticator App” method during 2FA setup, the plugin generates a QR code image via the QR Server API. This QR code contains the TOTP secret URI (which includes the site name, user email, and secret key) so the user can scan it with their authenticator app.

What data is sent: A TOTP provisioning URI containing the site name, user email address, and a generated secret key.
When it is sent: Only once, when a user sets up TOTP-based two-factor authentication. No data is sent during normal login verification.
Service provider: goQR.me / QR Server
Service URL: https://goqr.me/api/
Terms of service: https://goqr.me/api/doc/
Privacy policy: https://goqr.me/privacy-policy/

延伸相關外掛

All-In-One Security (AIOS) – Security and FirewallAll-In-One Security (AIOS) 是一款功能全面的 WordPress 安...Solid Security – Password, Two Factor Authentication, and Brute Force ProtectionSolid Security 是一款專為 WordPress 網站設計的安全外掛，...WP 2FA – Two-factor authentication for WordPressWP 2FA 是一款免費且易於使用的 WordPress 雙重身份驗證外掛...Wordfence Login SecurityWORDFENCE 登入安全性 Wordfence 登入安全性包含在完整的 Wor...Titan Anti-spam & SecurityTitan Anti-Spam & Security 是一個完整的保護解決方案，...Two Factor (2FA) Authentication via EmailWordPress是全球最受歡迎的內容管理系統（CMS），超過40％的...WP 2-step verificationWordPress 2步驟驗證（Wp2sv）為您的 WordPress 帳戶增加了額...Rublon Multi-Factor Authentication (MFA)重新掌控您的公司！ 所有員工的帳戶安全 無需配置或培訓 ...IP & Country Blocker Lite總結文案: IP＆Country Blocker Lite 是一個功能強大的 WordP...Two Factor Authentication (2FA , MFA, OTP SMS and Email)多因素驗證-雙重因素(2FA/OTP)-可以為任何基於 TOTP 的驗證方...Per User Prompt for Google AuthenticatorWordPress外掛 ＜a href="https://wordpress.org/plugins/goo...SecSignSecSign ID – 以行動裝置登入網站的方式 SecSign ID 是適用於...AuthPressWP 2FA with Telegram 可以讓您使用 Telegram 啟用 WordPress...Bearmor Security```html <!DOCTYPE html> <html> <body> ...Encourage User Activation for Google AuthenticatorGoogle Authenticator 外掛是在你的網站上增加雙重身分驗證的...