I guess this question has been asked before but I couldn’t find any answer to it.
I have created a custom login form and I am using the following code to check the credentials of the user:
` $creds = array();
$creds[‘user_login’] = $_POST[‘username’];
$creds[‘user_password’] = $_POST[‘login_password’];
$creds[‘remember’] = true;
$user_validate = wp_signon( $creds, false );
if ( is_wp_error($user_validate) ){
header(‘Location: ‘.home_url().’/login?error_msg=Invalid Username or Password’);
exit;
}
header(‘Location: ‘.home_url());
exit();`
For non Authy enabled user everything is okay, the credentials gets verified and the user gets redirected to the home page (logged in) but when I enable Authy for my account and then try to login, I am redirected the the page where it asks for authy key, after entering the key instead of getting logged in, I am redirected to the homepage without being logged in.
What am I doing wrong, can you guys please help.
]]>I’ve installed Authy for WordPress plugin in my self hosted wordpress site and provided production API into the plugin from my Authy account…I’ve also activated authy from my user profile. Now when logged out,I am not receiving my token via sms…it says
“A problem occurred sending an Authy token by SMS. Please try again later”
what the problem here??? I’m not using authy app in my mobile device since don’t have any thing supported. I have double checked my phn number too during activation. Did I need to provide Development API too???
help me out here as I’m really looking forward to use authy in mt site.
]]>Hello,
thank you for the plugin and the great sevice. One thing :
I have customized my login page (own logo, background image and so on)to overid wordpress settings, but Authy shows me again the wordpress logo when it asks me for the token. How to get rid of the wordpress logo or to echo my login style sheet instead of wordpress one?
Thank you
]]>I have one major issue with this plugin is that it still allows me to login using mobile apps to accounts that have authy tokens via the wordpress app without needing the authy token. As you could imagine this is a major hole as anyone could just fake that they are coming from an android app to just bypass the authy reqirement which is essentially mooting the boost in security.
]]>First of all: thanks for this app!! It’s really what I was looking for. And it works like a charm. ??
If I can make a suggestion, the box in wp-login.php to enter the Authy token isn’t really intuitive. It confuses a lot of users (who don’t know about Authy or can’t even enable it because it’s not enabled for their role). They’ve emailed me to ask how to login (they didn’t understand that they should just enter username/password and login, leaving the Authy box empty).
My 2 cents ??
]]>