Allow remembering device for custom period?

Hi @divimundo,

The timescale cannot be changed, it is provided for convenience when admins frequently logging in from a trusted device only wish to confirm their 2FA code monthly rather than every time.

If you have this feature enabled but are logging in from a different location for <24 hours, you could ensure all browsing data is deleted once you’re done to remove the cookie.

Allow remembering device for 30 days
When this option is enabled, users can click a checkbox to remember their device for 30 days. This sets a cookie unique to their device that will allow them to log in without using 2FA from that device and browser. This feature is for convenience, but it is less secure than requiring 2FA for each login.

https://www.wordfence.com/help/login-security/

Many thanks,
Peter.

I understand the benefit of the “remember me” feature, but in this case, my client would like to have a shorter “remember me” period then 30 days. I’ll leave it as a feature suggestion.

I will use the plugin WP 2FA Premium instead of Wordfence for now, since they offer custom “remember me” time for the 2FA feature. See screenshot of this feature: https://imgur.com/a/dcxQdMs

Thank-you @divimundo for letting us know your use-case and providing an example.

I have submitted 2FA custom durations as a feature request, and every one is discussed for possible future inclusion in the plugin. As we’re unable to follow-up on these here on the forums, we “resolve” topics here but it is still an open request in our issue tracker so will document alterations for future versions in our?changelog.

Many thanks,
Peter.