2fa for wordpress sites

Hi @divyauser, thanks for getting in touch.

You can absolutely set up 2FA for admins and users of all standard roles (Editor, Author, etc.) using Wordfence > Login Security > Settings. You will see which user roles you wish to enable it for and other options like grace periods and whether you use WooCommerce. Please note that 2FA currently only works for the default WordPress login/registration pages along with WooCommerce. Custom login pages will not be supported, and non-standard user roles updated by another plugin may experience issues depending on which permissions they’ve been given.

You can read more about how to enable and use 2FA in our help documentation: https://www.wordfence.com/help/tools/two-factor-authentication/

Let me know if you have any issues!

Peter.

• This reply was modified 2 years, 9 months ago by wfpeter. Reason: Changed user roles statement with examples

Just a question: is there an option for making it immediately part of the backend login window so that it im mediately demands UID, password and 2FA (with 2FA left blank if not yet set up)? It seems to cut down on attempted dictionary attacks.

As a matter of fact, this could be useful for the front end as well so maybe a switchable option for each individually?

Hi @batteriesinc,

I can certainly put your suggestion forward as a development request, however I can’t guarantee features will be included or when they might be released here on the forums. There could be a technical issue with doing this by default as not all user levels necessarily require 2FA as it’s configured on a site-by-site basis. 2FA is presented as a secondary prompt once the user checks have been made to let us know if 2FA is required to proceed.

Thanks,

Peter.