Version：1.14.26
I used Elementor to build a Two-Factor Authentication settings page and implemented it using the shortcode [twofactor_user_settings]. However, after updating to the latest version recently, the Two-Factor Authentication settings page no longer displays correctly.

Hello,

Today I have installed your plugin on two of my websites.

On one site I have activated and put the settings as TOTP and that works and I can use Google Authenticator.

On the other site I did the same, but wanted to test the HOTP and then I have a problem, because I could not login anymore. Each time I get a new code in the Authenticator it does not accept and then comes a new code.

I wanted to change the setting back to TOTP but that;s not possible because I can not login.
I have deactivated and removed the plugin via the pleskdashboard. But after re-installing it seems that the previous settings are remembered and again I can not login.

How to fix this problem? Is there a table I have to delete before reinstalling the plugin?

Hope to hear from you soon.
Thanks for answering me.

Kind regards,
Emilia

Hi David,

I posted this issue over a year ago and never found the issue.

When I login in with the UserName and Password, it immediately gives me the TFA code error shown without ever going to the TFA screen. I’m using a new theme and 8.2 PHP now, but still having the same issue.

Previously, I would just disable the plugin on my server and do my admin work and then re-enable it. I’m working on sites more actively now and don’t want to forget to turn on the 2FA, so hoping to find the issue. I ran F12 console while submitting the form and here’s what I got.

Uncaught ReferenceError: wp is not defined
[page link]:339

and:

Some cookies are misusing the recommended “SameSite“ attribute

I thought it might be the WPS Hide Login plugin, but I disabled that and it didn’t change anything. I’m not sure what other types of plugins could cause the form to submit prematurely.

Is the info above helpful, or what steps would I need to take to track down which plugin is causing the conflict? (Or is there a way to disable all plugins on an admin login page? I didn’t see that option in AssetCleanUp)

Thanks in advance!

Maybe is possible inform the max compatibility php version, i use the plugin

Health Check & Troubleshooting and say 7.1

https://wptide.org/

Just for inform and help, the plugin run ok

Hi,

How do I get the 2FA plugin to work with Ninja Forms.

Created a Ninja Login form and it works but not for users with 2FA activated.

Thanks,

Jan

Dear Sirs,

Please, i′m getting an error when trying to access via Edge… after typing user and pass, i get this message:

https://ibb.co/SyMhgxG (I can’t even type the code…)

But when trying via Chrome, all works fine…

What could be?

Regards,

Tony

JS path:/two-factor-authentication/simba-tfa/includes/tfa.js
I made an API URL, and I can get the username after fetching.Because I will use fetch, I need to use a combination of async/await to wait for js to get the username.

async function check_and_possibly_show_otp_field(form, only_cache_the_results) {

                // If this is a "lost password" form, then exit
                if ($(form).attr('id') === 'lostpasswordform' || $(form).attr('id') === 'resetpasswordform') return false;

                var username = $(form).find(get_username_identifiers()).first().val();
                var myreg = /^09[0-9]{8}$/;

                if (myreg.test(username)){
                    const response = await fetch("api_url?user_name=" + username);
                    username = await response.text();
                }
if (!username.length) return false;
...
}

But using the syntax of async/await, I got Promise, which caused the following equation code to be abnormal, and the verification error will always be displayed. How can I modify the JS so that it can operate with async/await?

Question: e.preventDefault() and return false not work!(Still run and submit)

var form_submit_handler = function(e) {

                console.log('Simba TFA: form submit request');

                var form = e.target;

                var form_is_gravity_forms = ('object' == typeof window['gform_gravityforms'] && 'undefined' !== typeof $(form).attr('id') && 'gform_' === $(form).attr('id').substring(0, 6));

                // Turn off everything
                $(form).off();

                if (0 == $(form).find('#simba_two_factor_auth').length && check_and_possibly_show_otp_field(form)) {

                        if (form_is_gravity_forms) {
                                var form_id = $(form).attr('id').substring(6);
                                // Gravity Forms won't allow the form to submit if this is already true
                                window['gf_submitting_'+form_id] = false;
                        }

                        e.preventDefault();
                        return false;

                }

                return true;

        };

• This topic was modified 11 months, 1 week ago by Leo.Lin.
• This topic was modified 11 months, 1 week ago by Leo.Lin.

<font _mstmutation=”1″></font>

?????

?????? ???? ??? ?? 2?? ???? ????? ??????.

<font _mstmutation=”1″ _msttexthash=”648191349″ _msthash=”609″>??? ???? ???? ??? ??? ?? ???? ???? ?? ??? ?? ?????. ???? ?? ??????? ??? ?????? ????, ??? ??? ???? ???? ??? ??? ???? ??? ????. ???? ?????</font>?<font _mstmutation=”1″></font>

I have the Two Factor plugin installed and active. However, it doesn’t show up in my menu so I can configure it. Any idea why that might be?

Hi,
I activate 2FA on my WordPress Website with AUTHY. I succeded to synchronise AUTHY to my web site : both password are the same.
When I log in, in the 2FA field I can enter any code, it will be accepted…

Could you have a look and correct this problem ?

Many thanks,

Regards

Hi, how do integrate f2a to 3rd party login module? (another plugin)

thanks

Hello Devs,

I accidentally enabled the “Encrypt keys in database” under settings and it says “Encrypt keys in database has been enabled. This feature cannot be turned off.”

I was wondering what does it do? I’m afraid that I might’ve encrypted something that I can not retrieve.

After login, the 2FA page reload, and I no can write the 2 factor code because reload automatic before I can write, I think send the form empty

No is compatible with plugin “Login Security Captcha”

https://www.ads-software.com/plugins/login-security-recaptcha/

Is possible you can fix this?

I like the 2 plugin, but not are compatible

• This topic was modified 1 year, 5 months ago by Guillermo77.

Hi, last night my WP sites was upgraded to last WP version 6.2.1.
Then all of a suddon my OTP codes was not accepted… I disabled OTP authorization on server. Now my codes are generated different as in my mobile code generator. Why?

Parse error: syntax error, unexpected ‘)’ in /wp-content/plugins/two-factor-authentication/simba-tfa/providers/totp/loader.php on line 734

Fix: Remove training ‘,’ at line 733, patch:

 .../two-factor-authentication/simba-tfa/providers/totp/loader.php       | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/wp-content/plugins/two-factor-authentication/simba-tfa/providers/totp/loader.php b/wp-content/plugins/two-factor-authentication/simba-tfa/providers/totp/loader.php
index 6d53212a0b..2fdd94a633 100644
--- a/wp-content/plugins/two-factor-authentication/simba-tfa/providers/totp/loader.php
+++ b/wp-content/plugins/two-factor-authentication/simba-tfa/providers/totp/loader.php
@@ -730,7 +730,7 @@ class Simba_TFA_Provider_totp {
                if (empty($user_results)) {
                        return new WP_Error(
                                'failed_to_get_priv_keys',
-                               __('Encrypt secrets feature not enabled: unable to get private keys from the database.', 'two-factor-authentication'),
+                               __('Encrypt secrets feature not enabled: unable to get private keys from the database.', 'two-factor-authentication')
                        );
                }

• This topic was modified 1 year, 6 months ago by a9725e4a84.

Is it possible to change the layout of the settings in the front-end using shortcode or can it be modified?

Hello,

I found that one of your plugin’s string has a wrong text domain (all-in-one-wp-security-and-firewall) and thus can’t be translated.
See line 92 of this file .

Moreover, at this moment in code, the plugin is not fully loaded. So action at line 66 is not called and this string will never be translated indeed…

You may want to change this in order to allow this title to be translatable.

Hi,

Working on your plugin’s translation, I found that you are using a global static variable for the text domain : SIMBA_TFA_TEXT_DOMAIN on line 44 of /two-factor-authentication/trunk/two-factor-login.php .

This shouldn’t be, as stated in the Internationalization guide.

Could you change that please, to allow everyone to be able to translate easily your plugin??

Hello,

Roles are not displayed translated. Could you use translate_user_role on $name at lines 1073 and 1083 of /two-factor-authentication/trunk/simba-tfa/simba-tfa.php file please ?

• This topic was modified 1 year, 9 months ago by madmax4ever.

How can i disable 2fa on specific user?

Thank you

Hello,

Ultimate Member is one of the most popular Users profile plugins. Does the free or premium plugin work with Ultimate Member?

Regards,

Cezary

Tried to log into my site after installing 2FA and now get the following error:

“An error has occurred. Site owners can check the JavaScript console for more details.”

I am not able to log in. Is there a way to disable it via wp-config.php?

I added the following code to theme>function.php.
When I login with my phone, I don’t get redirected to the verification code page.
Error message appears:The TFA code you entered was incorrect.

add_filter('authenticate', 'loginWithPhoneNumber', 20, 3);
function loginWithPhoneNumber($user, $username, $password) {
    //  Try logging in via their billing phone number
    if (is_numeric($username)) {
        $matchingUsers = get_users(array(
            'meta_key'     => 'billing_phone',
            'meta_value'   => $username,
            'meta_compare' => 'LIKE'
        ));
        if (is_array($matchingUsers) && !empty($matchingUsers)) {
            $username = $matchingUsers[0]->user_login;
        }
    }
    return wp_authenticate_username_password(null, $username, $password);
}

Hi,
I’m currently trying to register a FIDO2 HW key. However, as soon as I click the “register” button, it stuck on the loading icon and nothing happens.

Any idea what I could do?
Thanks

Hi there

As of today, is this TFA plugin fully compatible with PHP 8.1 or what is the current status?

Thanks a lot
Michael

Hi guys,

Is the 2FA plugin compatible with BuddyBoss, and MemberPress?

See error for an Administrator – https://www.screencast.com/t/aXM9fmheX

We’ve had to deactivate 2FA to remove the error to allow the user access to the site. It has been working fine up until this weekend.

Thanks.

Hi does this plugin work on frontend login im using ultimate member plugin for my login

Hi,

Whenever I try to login in, I get this error message, but it doesn’t take me to the OTP screen at all. I type in username and password, and it immediately gives this error.

Error: The one-time password (TFA code) you entered was incorrect.

I have 2 sites with the error. 1 of them I could get to work on Firefox, but not Chrome and the other I can’t get to work at all. Sometimes I can input the wrong password a few times and then it will give me the OTP screen, but usually I end up having to disable the plugin, access my admin info and reactivate after access.

Do you know what is needed to correct this error? Thanks in advance!

• This topic was modified 2 years ago by krlgroupfl.

Hello, I am look for a 2FA plugin that will allow me to add this feature to custom roles I created on a subsite. My site is currently a WP Multisite and when going to the setting of this plugin, it is only identifying the roles that are on the main WP site, not the roles that I created for the subsite. Is there a way for this plugin to identify those roles so that I can apply the feature?

Hi,

I just tried to update this plugin today, and I got a critical error message on both my live and staging sites.

I updated the plugin on my live site first and got the critical error message, so I restored my website to the previous back up, and all seemed fine. Then I tried updating the plugin on my staging site and got the critical error message again.

When I went back into my live site, the critical error returned even though it is the previous version (1.14.7). It wasn’t showing this error before today.

In my staging site, I tried deactivating, deleting and reinstalling the plugin and the error has not returned so far, but if I leave it deactivated it is still asking me for my OTP code when I try to log into WordPress. (Why?)

Below are the error details in the emails I received from WordPress. Please note that line numbers and error details are slightly different.

WordPress version 6.0.2
Active theme: My Listing (version 2.9.4) Current plugin: Two Factor Authentication (version 1.14.7) PHP version 8.0.22

1st time (after updating in my live site)

Error Details
=============
An error of type E_COMPILE_ERROR was caused in line 9 of the file /var/www/wp-content/plugins/two-factor-authentication/simba-tfa/includes/login-form-integrations.php. Error message: Cannot declare class Simba_TFA_Login_Form_Integrations, because the name is already in use

2nd time (after updating in staging)

Error Details
=============
An error of type E_COMPILE_ERROR was caused in line 8 of the file /var/www/wp-content/plugins/two-factor-authentication/simba-tfa/providers/totp-hotp/loader.php. Error message: Cannot declare class Simba_TFA_Provider_TOTP, because the name is already in use

Thanks in advance,
Debbie

• This topic was modified 2 years, 1 month ago by debbieweeks2.
• This topic was modified 2 years, 1 month ago by debbieweeks2.