Can a “backup” email address be set for recovery/2FA?

  • Resolved Hammy Havoc

    (@hammyhavoc)


    1 month, 2 weeks ago

    Hi!

    Ideally, I would like users to be able to have a “primary” and “secondary” email address so they can’t get locked out of an account if they lose access to their email address.

    The use case is an HIV charity who provide educational resources, but work email addresses aren’t forever, so they can lose access to their account, and also means that they stop receiving important news on educational resources, which is a big deal if they themselves are HIV positive.

    Is this plugin able to do this?

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author Kaspars

    (@kasparsd)

    The plugin doesn’t support this feature.

    However, you could add it using custom code that sends the two-factor codes to multiple addresses (maybe provide a UI in the user profile for this) using the wp_mail filter. You could use the did_filter( 'two_factor_token_email_message' ) conditional to update the recipients with the extra email address.

    nikdow

    (@nikdow)

    Small issue: readme.txt has:
    Stable tag: 0.11.0

    whereas WP API has 0.12.0
    and two-factor.php has define( ‘TWO_FACTOR_VERSION’, ‘0.12.0’ );

    This is causing our updater to update the plugin every run. Our WordPress admin > plugins shows 0.12.0 so I guess WP is using a filter that returns the version, but our script is python so it can’t see that, it just reads readme.txt

    If the readme.txt Stable tag could be maintained would be much appreciated.

    Thanks to all the maintainers!

Viewing 2 replies - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.