• Resolved Bucki

    (@bucki)


    Hello

    The WP Security app allows 2FA setup but seems to apply only to individual accounts. How do we enable it so every user, when accessing WP-ADMIN, is prompted to set up MFA?

    Otherwise, each user needs to set this up individually.
    Also, not every user is an Admin (e.g. author etc.); how would they set up MFA?

    Thanks

Viewing 8 replies - 1 through 8 (of 8 total)
  • Plugin Support hjogiupdraftplus

    (@hjogiupdraftplus)

    Hi @bucki

    Yes, 2FA needs to apply individually for all users. They need to log in and scan the QR code in their mobile app Google Authenticator, which will provide an OTP code for them.

    The WP Security > Settings > Two factor authentication tab has the User roles, so if for author enabled.

    https://snipboard.io/TN0VZw.jpg

    WP security > Two factor auth > Two factor authentication settings will have the option to enable 2FA and below QR code to scan in app which provides OTP for login.

    https://snipboard.io/nJ3j0o.jpg

    MFA = Multifactor Authentication is not implemented in the AIOS plugin.

    Regards

    Thread Starter Bucki

    (@bucki)

    Hello

    I thought the WP Security app is the AIOS plugin?
    Anyway, I would expect the MFA to apply to all users with one click instead of asking users to set up MFA.

    How would authors/subscribers get the MFA set up?
    Unless the account is an admin, authors would not have WP-ADMIN access, right? At least not see / manage settings… and it would be a risk if authors can make changes to the WP Security config.

    I am not so sure about this now.

    Thread Starter Bucki

    (@bucki)

    Apologies, I keep saying MFA but meant to say 2FA.
    I understand the app does not support MFA but 2FA only.

    Ultimately, I wanted to enable 2FA on all users so that, as soon as they log in, they are prompted to configure it. I see this is not an option at all?

    My only concern is that if other users (apart from admins) are able to manage / change settings on the WP Security plugin – that leaves an open door for authors & subscribers to potentially make security changes to the app and affect all users?

    Plugin Support hjogiupdraftplus

    (@hjogiupdraftplus)

    Hi @bucki

    If you want to enable it in the front end, without access to the wp-admin dashboard for the authors, you can use the shortcode [twofactor_user_settings] in the edit profile page of the user, which will show the option to enable 2FA for that user with a QR code to scan.

    Once that user has enabled 2FA, he will be prompted to enter a 2FA code on the standard login page.

    Regards

    Thread Starter Bucki

    (@bucki)

    Hello

    That would need customisation to the .php file, which we would like to avoid.
    However, the issue here is: how would an Author / Subscriber configure the 2FA via WP SECURE?

    Is WP Secure available to anybody and not restricted to Administrators only? If this is the case, then would an Author be able to make substantial changes to the WP Secure config, or be limited to 2FA only?

    Plugin Support hjogiupdraftplus

    (@hjogiupdraftplus)

    Hi @bucki

    If you want the 2FA enable option from the frontend for author / subscriber type users, you have to add the shortcode [twofactor_user_settings] in the theme's edit profile page. In the .php file you have to use do_shortcode.

    If not on the front end, and they can access the wp-admin dashboard, they will have access to only the menu and page below.

    WP security > Two factor auth > Two factor authentication settings will have the option to enable 2FA and below QR code to scan in app which provides OTP for login.

    https://snipboard.io/nJ3j0o.jpg

    Only administrators have access to the settings / config page below; authors / subscribers cannot access it or any other WP Security plugin settings page to change anything.

    The WP Security > Settings > Two factor authentication tab has the User roles, so if for author enabled.

    https://snipboard.io/TN0VZw.jpg

    Regards

    Thread Starter Bucki

    (@bucki)

    Hello

    Thanks for the support.
    May I ask how a user would get logged in if they lost their mobile phone and are unable to 2FA into WordPress?

    How would the 2FA account be reset?

    Plugin Support hjogiupdraftplus

    (@hjogiupdraftplus)

    Hi @bucki

    Emergency codes can be used by a user who has lost their phone/tablet, but it is a premium feature; you need to purchase a premium subscription for that.

    For the free version, the only solution is to disable two factor auth for all users by defining the constant below in wp-config.php, let the user in and have them scan with another phone. After the scan is done, remove the constant.

    define('TWO_FACTOR_DISABLE', true);

    Regards
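
The reply above turns 2FA off for every user for as long as the constant is present, so a leftover define is worth checking for. The following is an added example, not part of the thread or the plugin's code: a Python check that reports active TWO_FACTOR_DISABLE defines in wp-config.php text while ignoring commented-out copies. It assumes any non-false value disables 2FA; the function names and the sample content are constructed for illustration.

```python
import re

DEFINE_RE = re.compile(
    r"""define\s*\(\s*(['"])TWO_FACTOR_DISABLE\1\s*,\s*([^)]*?)\s*\)""", re.I)
# Assumption: any value PHP treats as false leaves 2FA enforced.
FALSY = {"false", "0", "null", "''", '""', "'0'", '"0"'}

def strip_php_comments(src):
    """Blank out //, # and /* */ comments; keep newlines and string literals."""
    out, i, n, quote = [], 0, len(src), None
    while i < n:
        ch, nxt = src[i], src[i:i + 2]
        if quote:                          # inside a string literal
            out.append(ch)
            if ch == "\\" and i + 1 < n:   # keep the escaped character as-is
                i += 1
                out.append(src[i])
            elif ch == quote:
                quote = None
        elif ch in "'\"":
            quote = ch
            out.append(ch)
        elif nxt in ("/*", "//") or ch == "#":
            block = nxt == "/*"            # block ends at */, others at newline
            end = src.find("*/" if block else "\n", i + (2 if block else 1))
            end = n if end == -1 else end + (2 if block else 0)
            out.append(re.sub(r"[^\n]", " ", src[i:end]))
            i = end - 1
        else:
            out.append(ch)
        i += 1
    return "".join(out)

def find_2fa_bypass(src):
    """Return (line, value) for every active, truthy TWO_FACTOR_DISABLE define."""
    clean = strip_php_comments(src)
    return [(clean.count("\n", 0, m.start()) + 1, m.group(2))
            for m in DEFINE_RE.finditer(clean)
            if m.group(2).lower() not in FALSY]

# Constructed wp-config.php content, not taken from a real site.
SAMPLE = """<?php
// define('TWO_FACTOR_DISABLE', true);
/* define('TWO_FACTOR_DISABLE', true); */
define('DB_NAME', 'wp'); # define("TWO_FACTOR_DISABLE", true);
define( "TWO_FACTOR_DISABLE", TRUE );
define('TWO_FACTOR_DISABLE', false);
"""
```

Calling find_2fa_bypass on the contents of a site's wp-config.php returns an empty list once the constant has been removed or commented out.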

  • The topic ‘How to enable 2FA to every user to access WP Admin?’ is closed to new replies.