內容簡介
此外掛可在 WordPress 網站中加入雙因子認證、無密碼認證和帳戶驗證等重要功能。其主要特色包括:
三種一次性密碼模式:雙因子認證、無密碼認證和帳戶驗證。
三種 OTP 驗證碼驗證網關:WordPress 電子郵件、Twilio 簡訊和 Alibaba Cloud 簡訊;皆有使用沙盒模式的選項。
雙因子認證:允許(或強制)用戶在密碼之外使用第二個認證因子進行驗證。
無密碼認證:允許使用者僅需使用其用戶名、標識符和 OTP 驗證碼(取決於驗證網關,預設網關支持電子郵件或手機號碼)即可登錄。
帳戶驗證:強制用戶在首次登錄時、定期登錄時或每次登錄都需要輸入 OTP 驗證碼進行驗證。
將 OTP 標識符與現有數據同步處理:如果希望使用 Twilio 簡訊,但已經在數據庫中保存了電話號碼字段,例如 WooCommerce 中的「帳單電話」字段,就可以在網關設置中指定其用戶秘鑰鍵。 (注意:重複的標識符將需要用戶在更新時選擇新的標識符。)
簡單而可定製的外觀:用於請求 OTP 驗證碼的表單使用中立的專用風格,與大多數主題兼容,可定製標誌和呼籲顏色。
活動日誌:啟用後,管理員可以跟踪啟用的網關活動。始終會記錄與網關故障有關的關鍵消息。
開發人員可定製:開發人員可以使用操作和篩選器鉤子添加自己的閘道或添加自定義一次性密碼模式,等等。有關詳細信息,請參閱 開發人員文檔。
易於集成:包括與 Ultimate Member 和 WooCommerce 的特定集成;開發人員可以通過大量功能、過濾器鉤子和操作鉤子輕鬆插入 OTP Authenticator,參閱 開發人員文檔,歡迎參與集成的貢獻。
無限功能:沒有任何高級版本的功能限制欺騙 - OTP Authenticator 從一開始就具有全部功能。
疑難排解
OTP Authenticator定期更新,歡迎提交錯誤報告,最好在Github上報告進階疑難排解。
每個錯誤報告都會及時處理,但是在WordPress論壇上報告的一般詢問和問題可能需要更長時間才能收到回應。
只有發生在包括集成插件(或插件功能)、核心WordPress和預設WordPress主題(包括WooCommerce Storefront)的問題才會在未經補償的情況下予以考慮。
任何涉及第三方插件或主題的疑難排解都需要補償,且不會在WordPress支持論壇上得到解決。
集成
雖然OTP Authenticator設計可立即在大多數WordPress插件和主題中使用,但有些邊緣情況需要進行集成,核心檔案中包含在某些特定條件下執行的程式碼。
核心添加的集成僅限於流行的插件和主題:任何特定於少數安裝的其他代碼都需要使用與社區不共享的獨立自定義集成插件(在兩者之間切換可能需要專門知識)。
外掛標籤
開發者團隊
原文外掛簡介
Add Two-Factor Authentication, Passwordless Authentication and Account Validation to your WordPress website.
Overview
This plugin adds the following major features to WordPress:
3 One-Time Password modes: Two-Factor Authentication, Passwordless Authentication and Account Validation.
3 Authentication Gateways for OTP Verification Codes: WordPress Email, Twilio SMS, Alibaba Cloud SMS ; all with option to use a sandbox mode.
Two-Factor Authentication: allow (or force) users to authenticate with a second factor on top of their password.
Passwordless Authentication: allow users to login simply with their username, an identifier, and an OTP Verification Code (identifier depending on the Authentication Gateway – email or phone number supported with the default gateways).
Account Validation: force users to validate their account by entering an OTP Verification Code at first login, on a set regular basis at login, or at each login.
Synchronize OTP identifiers with existing data: wish to use Twilio SMS, but already have a phone number field saved in database? Perhaps with the “Billing Phone” in WooCommerce? Use this field by indicating its user meta key in the gateway settings (Note: duplicate identifiers will require users to choose a different one on update).
Simple yet customizable appearance: forms used to request OTP Verification Codes use a neutral dedicated style compatible with most themes, with customizable logo and call-to-action colors.
Activity Logs: when enabled, administrators can follow the activity of the enabled gateway. Critical messages regarding gateway malfunction are always logged.
Customizable for developers: developers can add their own gateways or add custom One-Time Password modes using action and filter hooks, and more – see the developers documentation.
Integration-friendly: specific integration with Ultimate Member and WooCommerce is included by default ; developers can easily plug into OTP Authenticator with a multitude of functions, filter hooks and action hooks – see the developers documentation – contributions to integrations are welcome.
Unlimited features: there are no premium version feature restrictions shenanigans – OTP Authenticator is fully-featured right out of the box.
Troubleshooting
OTP Authenticator is regularly updated, and bug reports are welcome, preferably on Github, especially for advanced troubleshooting.
Each bug report will be addressed in a timely manner, but general inquiries and issues reported on the WordPress forum may take significantly longer to receive a response.
Only issues occurring with included integrated plugins (or plugin features), core WordPress and default WordPress themes (incl. WooCommerce Storefront) will be considered without compensation.
Troubleshooting involving 3rd-party plugins or themes will require compensation in any case, and will not be addressed on the WordPress support forum.
Integrations
Although OTP Authenticator is designed to work out of the box with most combinations of WordPress plugins and themes, there are some edge cases necessitating integration, with code included in the core files of OTP Authenticator executing under certain conditions.
Integrations added to core are limited to popular plugins and themes: any extra code specific to a handful of installations require a separate custom integration plugin not shared with the community (decision at the discretion of the OTP Authenticator plugin author).
If such need for plugin integration arises, website administrators may contact the author of OTP Authenticator to become a patron.
All integrations are to be funded by plugin users, with downpayment and delivery payment, at the plugin author’s discretion, without exception.
The patron in return may be credited with their name (or company name) and a link to a page of their choice in the plugin’s Changelog.
