2FA compatibility with WP-Members subscribers?

Thanks for reaching out.

I just had a clarifying question. Have you enabled the Woocommerce support option on the Wordfence > Login Security > Settings page?

Mia

Just jumping in (as the WP-Members developer), I don’t think that it’s compatible directly with the WP-Members login form (the one you’re invoking with [wpmem_form login]). To use 2FA generally involves an intermediate step to display the 2FA (i.e. initial form submission -> 2FA display/submit -> authenticated login), and the way the WP-Members form is currently processed doesn’t accommodate that (not that it won’t in the future – but presently it does not).

What you can do, however, is redirect blocked content to the wp-login.php in order to handle the 2FA (and/or you could do that based on initial login submission if you only require 2FA for certain users, such as admins). There are different ways to approach it, but you can’t do it directly with the wpmem form.

@cbutlerjr – Thanks for jumping in! We appreciate the input. ??

@kerrydesigner – One thing you can do is instruct the users to enter their username and password like this:
* Enter their username as normal
* Enter their password, a space, and then the code the authenticator app provides.
For example : If the password was W0rdf3nce! and the code on the authenticator app is 123 456, they’d enter W0rdf3nce! 123456.
That should work. Can you try on the WP-Members plugin login form and see?

Mia

Thanks both very much! Yes, adding a space after the password and then the 2fa code works.

It still would be great if WP-Members adds the compatibility for a second prompt as this would be better UX. But I only expect users to set this up if told to by their security team, so long as there is a work around I’m happy.