WP 2FA Nulled – Add an extra layer of security to your WordPress website login page and its users. Enable two-factor authentication (2FA), the best protection against users using weak passwords, and automated password guessing and brute force attacks.
Features
- Free Two-factor authentication (2FA) for all users
- Supports multiple 2FA methods
- Universal 2FA app support – generate codes from Google Authenticator, Authy & any other 2FA app
- Supports 2FA backup methods
- Require 2FA on password reset
- Very easy to use and simple to set up
- Use 2FA policies to enforce 2FA with a grace period or require users to instantly setup 2FA upon logging in
- No WordPress dashboard access is required for users to set up 2FA
- Fully editable email templates
- Protection against automated password & dictionary attacks
- Everything in the free version
- Full white labeling capabilities
- Trusted devices (no 2FA required)
- One-click integration with WooCommerce
Demo : https://wordpress.org/plugins/wp-2fa/
Changelog
2.6.4 (2024-03-07)
Improvements
The default “From email address” used by the plugin now includes the website’s domain, thus improving email deliverability. Previously the plugin used the admin notifications email address configured in the WordPress settings.
All one-time codes generated by the plugin are now 6 digits long.
Applied some coding best practices in some sections to ensure better protection against timing base attacks.
Security fix
Fixed a sensitive information disclosure issue; users’ salts can only be potentially exposed if debug is enabled and the web server is not Apache.
Bug fixes
Fixed: Text changes in the “logged out users trying to access 2FA config” setting not saved.
Fixed: User not redirected to the URL configured in the settings when all backup codes are disabled.
Fixed: Formatting / layout of advert in the configuration, which in some cases it was showing over some of the help text.
2.6.3 (2024-02-15)
Improvements
Added new notices and a few “missing” strings to the POT (translation) file.
Improved and added sanitization to more user inputs in the plugin.
Security fix
Fixed a security issue reported by Rafi Muhammad.
Bug fixes
Fixed: Added missing ‘ div’ HTML element in the front-end 2FA form.
Fixed: Updated legacy plans / features – some features were missing from the Enterprise legacy plan (now called Ent).