Hello, install of WP 2FA works, but assistant forces a window in foreground and after assistant a foreground windows has 2 choices that are NOT clickable. So this foreground windows does never close and WP 2FA is not functional. Is this a bug from WordPress or WP 2FA? The message box is a question between “continue” and “exclude 2FA admin”, both does not work, windows keeps open, click not working. Please help. Thank you.
]]>We’ve set up the WP 2FA plugin, and the configuration worked fine, we scanned the QR code with our Google Authenticator app. When prompted for our validation code we entered it, the wizard then provided our backup codes and we completed the process. However, when we then attempt to login using the 2FA code, it continuously says “Error: Invalid Validation Code”. There are no console errors or network errors so we’re not sure what could be causing this issue. The plugin works successfully on one of our other sites and they share a hosting setup so we don’t believe it’s that. We’ve also tried clearing the cache and this didn’t fix it either. Is there some way for us to see what could be causing this issue?
]]>Hi,
Are there any filters to enable integration with a membership plugin? Specifically I am using Woocommerce Memberships.
I understand you can setup 2FA policies by user role, but I actually need to require 2FA (or alternatively, make it optional) based on a user’s membership status. All users have the same role of customer.
Thanks
Hello,
I installed the plugin WP-WebAuthn as an additive secure login plugin for passkeys but when WP2FA is activated, login by fingerprint fails, but when WP2FA is deactivated it works.
Is there a solution to log in with passkeys in the free version resp. a third party plugin enable to work smoothly together with WP2FA?
Thanks.
Hey there.
Desperately need help, can’t get my Zapier integration working with WP 2FA on. I’m trying to use ‘Application password’ in WordPress and evet that doesn’t work. Question is, is 2FA required also with app passwords, and if yes, is there a way to get Zapier working? Wouldn’t like to give up 2FA for this.
Any helpful input deeply appreciated.
Hope you have a nice day.
Hello,
Thanks for this great plugin ??
I’m looking for the origin of this PHP error:
La fonction wp_no_robots est obsol��te depuis la version 5.7.0 ! Utilisez wp_robots_no_robots() �� la place. in /home/xxxx/public_html/yyyy/wp-includes/functions.php on line 6085
It seems to me that it comes from your plugin.
Includes/login-header.php on line 15 :
add_action( 'login_head', 'wp_no_robots' );
Have a nice day
]]>We are trying to install and configure the plugin in our website but after activation and wizard completion, wp-config.php file is bloating of lines like this one
/** WP 2FA plugin data encryption key. For more information please visit melapress.com */It seems that at every page load, a new line of comments is added
See screenshot https://tinyurl.com/23mze62b
Any suggestion on how to solve?
Thanks
]]>The 2fa config section is missing in my users profile.i could find the backend code in console but this not displayed.
Please let me know why this might be happening
]]>Hi,
Please add more CSS for styling front end form which presently has vertical padding removed on nearly all components and looks terrible. If your offering a feature like this which is really useful then you can’t be so opinionated in hardcoding the look and layout of the form. It doesn’t adopt the theme styling as you state on your site (I’m using Bootstrap 5) and i can see from the code-inspector you have zero’d most of the y-padding – it looks like crap!
Also there are illegal CSS id names – probably ok for targeting in js but they are flagged up in VSCode a illegal mark-up:
Hi
We are using Uncanny Codes to enroll users in elearning courses using LearnDash. Uncanny Codes has a registration form we are using to register new users, and also for Log in. WP 2FA works well with login, and we are using code sent to email. However on the the registration form the user is being registered without ant 2FA. Any idea how to solve this?
Best regards
Trond
We’ve used WP 2FA across a number of sites for a while now, and love the functionality.
But one issue we encounter often, is when used in conjunction with the Authy app, the logo is very rarely anything to do with the website that 2FA is being setup on.
It would be good to understand what information this plugin passes during the setup, that determines how this logo is set / searched.
Does the plugin pass an image path, or does it pass a website name (and if so, from what WordPress setting) that Authy then returns an image using Google search?
]]>My users need to log into a course on my website. I have set up and purchased the premier plugin.
My issue is one of my users who is using a chrome browser and does not use an app to authenticate. He does not see any text link (so that he can click it) in the prompt. Unless he can read the prompt to choose email then he cannot use the function. It is missing from his. I have tried to add a screenshot but it is failing. All he sees is “Please enter the two-factory authentication (2fa)verification code below to login. Depending on your ………another code”
He then sees a entry box to put his code
Underneath it says remember for 7 days
and a click button for login
underneath again is a link to go back to website.
I believe I have set up the ability to either do sms or email authentication, but as a side issue the prompt
Many 2fa tools offer to remember this device for x many days after successfully completing the 2fa step, is this possible to configure?
]]>Hi,
I am using premium version of this plugin, the issue I am facing is, the wp_2fa_totp_key keep changing after some time so when we try to login with TOTP code generated using the TOTP key user has during setup gives an error ‘Invalid key’. I tried to debug the code and found that this is happening because of
if ( Open_SSL::is_ssl_available() && false !== \strpos( $key, Open_SSL::SECRET_KEY_PREFIX ) ) {
error_log('$key'.$key);
$key = Open_SSL::decrypt( substr( $key, 4 ) );
/**
* If for some reason the key is not valid, that means that we have to clear the stored TOTP for the user, and create new on
* That could happen if the global stored secret (plugin level) is deleted.
*
* Lets check and if that is the case - create new one
*/
if ( ! Authentication::validate_base32_string( $key ) ) {
self::$totp_key = '';
self::remove_user_totp_key( $user );
$key = self::get_totp_key( $user );
$key = Open_SSL::decrypt( substr( $key, 4 ) );
}
}Here we are generating the code is generating another key if the global stored secret (plugin level) is deleted. Could you please let me know why this is happening again and again.
Due to that our team is facing issue in login to the website.
File Path : wp-content/plugins/wp-2fa-premium/includes/classes/Admin/Methods/class-totp.php
Line No: 414
Screenshot : The key keeps changing automatically after some time.
Hi,
I’m looking to use 2FA for our users, however, we use staging sites for all updates, changes etc. and then push to production after we know everything is working OK. I am a little concerned how well this would work with the plugin.
If I have the plugin enabled on the staging site, will it be as simple as just pushing to production and it works as expected on our live site also, or will something special need to be done in between? For example, will I need to deactivate the plugin, push to production and then enable when it is completed?
Thanks so much ??
]]>I have Wp 2FA plugin installed and activated, but there is no sign of this on the log in page via the wp-admin route.
How can I set this up please?
]]>Hi,
I’m using this 2FA plugin to enable the 2FA feature for “Subscriber”-role users, this is non negotiable since the custom features on our site only for subscriber-role users.
Here’s the problem that I’m having: Whenever the Subscriber-role users trying to setup the 2FA (after they first log-in the’re prompted to set up the 2FA). However, when the user click on the “Configure 2FA Now”, they are redirected to the WooCommerce’s My Account page.
now, what i’m suspecting is here: I think the problem is caused by the 2FA needs to be set up via the wp-admin (because when i copy the link on the “Configure 2FA Now” is like this: “https://site.link/wp-admin/profile.php?show=wp-2fa-setup”
Is it possible to setup the 2FA for the Subscriber role? Am i Missing something on the setup wizard? how can i fix this problem? Thanks
]]>Hi, I’m seeing the following Error in my WP2FA (If of Information, translated partially with LocoTranslate):
[21-Sep-2024 21:27:34 UTC] PHP Warning: Attempt to read property “title” on null in /home3/gooloode/public_html/wp-content/plugins/code-snippets/php/snippet-ops.php(582) : eval()’d code on line 108
[21-Sep-2024 21:27:34 UTC] PHP Deprecated: str_replace(): Passing null to parameter #3 ($subject) of type array|string is deprecated in /home3/gooloode/public_html/wp-content/plugins/code-snippets/php/snippet-ops.php(582) : eval()’d code on line 108
[21-Sep-2024 21:27:34 UTC] PHP Fatal error: Uncaught ValueError: Unknown format specifier ” ” in /home3/gooloode/public_html/wp-content/plugins/wp-2fa/includes/classes/class-wp2fa.php:595
Stack trace: 0 /home3/gooloode/public_html/wp-content/plugins/wp-2fa/includes/classes/class-wp2fa.php(595): sprintf() 1 /home3/gooloode/public_html/wp-content/plugins/wp-2fa/includes/classes/Admin/Methods/class-email-wizard-steps.php(306): WP2FA\WP2FA::get_wp2fa_email_templates() 2 /home3/gooloode/public_html/wp-includes/class-wp-hook.php(324): WP2FA\Methods\Wizards\Email_Wizard_Steps::email_modal_configure() 3 /home3/gooloode/public_html/wp-includes/class-wp-hook.php(348): WP_Hook->apply_filters() 4 /home3/gooloode/public_html/wp-includes/plugin.php(517): WP_Hook->do_action() 5 /home3/gooloode/public_html/wp-content/plugins/wp-2fa/includes/classes/Admin/Views/class-wizard-steps.php(380): do_action() 6 /home3/gooloode/public_html/wp-content/plugins/wp-2fa/includes/classes/Admin/class-user-profile.php(469): WP2FA\Admin\Views\Wizard_Steps::show_modal_methods() 7 /home3/gooloode/public_html/wp-content/plugins/wp-2fa/includes/classes/Admin/class-user-profile.php(361): WP2FA\Admin\User_Profile::generate_inline_modals() 8 /home3/gooloode/public_html/wp-content/plugins/wp-2fa/includes/classes/Admin/class-user-profile.php(591): WP2FA\Admin\User_Profile::user_2fa_options() 9 /home3/gooloode/public_html/wp-includes/class-wp-hook.php(324): WP2FA\Admin\User_Profile::inline_2fa_profile_form()
Hi there,
It seems your plugin blocks this feature.
https://web.dev/articles/bfcache?utm_source=devtools
I have below error when I test it as explained in here. BFCache Explained: Verify on your WordPress site (youtube.com)
“Pages that use WebAuthetication API are not eligible for back/forward cache.”
Can you check and fix if possible?
Chat gpt’s suggestion
4. Modify Plugin or Theme Code for Conditional Loading
a. Enqueue Scripts Conditionally:
- Action Steps:
- Edit the plugin or theme files to load WebAuthn scripts only on necessary pages (e.g., login or account pages).
- Example in
functions.php:phpCopy codefunction conditional_webauthn_scripts() { if ( is_page('login') || is_account_page() ) { // Enqueue WebAuthn script wp_enqueue_script( 'webauthn-script', plugin_dir_url( __FILE__ ) . 'js/webauthn.js', array(), '1.0.0', true ); } } add_action( 'wp_enqueue_scripts', 'conditional_webauthn_scripts' ); - Note: Replace
'js/webauthn.js'with the actual path to the WebAuthn script.
b. Defer Initialization:
- Initialize WebAuthn functionality only when the user interacts with specific elements.javascriptCopy code
document.getElementById('login-button').addEventListener('click', function() { // Initialize WebAuthn here });
Hello,
i just received the following Error. Can you help me resolve this issue?
Ein Fehler vom Typ E_ERROR wurde in der Zeile 595 der Datei /home3/gooloode/public_html/wp-content/plugins/wp-2fa/includes/classes/class-wp2fa.php verursacht. Fehlermeldung: Uncaught ValueError: Unknown format specifier ” ” in /home3/gooloode/public_html/wp-content/plugins/wp-2fa/includes/classes/class-wp2fa.php:595Stack trace:#0 /home3/gooloode/public_html/wp-content/plugins/wp-2fa/includes/classes/class-wp2fa.php(595): sprintf()#1 /home3/gooloode/public_html/wp-content/plugins/wp-2fa/includes/classes/Admin/Methods/class-email-wizard-steps.php(306): WP2FA\WP2FA::get_wp2fa_email_templates()#2 /home3/gooloode/public_html/wp-includes/class-wp-hook.php(324): WP2FA\Methods\Wizards\Email_Wizard_Steps::email_modal_configure()#3 /home3/gooloode/public_html/wp-includes/class-wp-hook.php(348): WP_Hook->apply_filters()#4 /home3/gooloode/public_html/wp-includes/plugin.php(517): WP_Hook->do_action()#5 /home3/gooloode/public_html/wp-content/plugins/wp-2fa/includes/classes/Admin/Views/class-wizard-steps.php(380): do_action()#6 /home3/gooloode/public_html/wp-content/plugins/wp-2fa/includes/classes/Admin/class-user-profile.php(469): WP2FA\Admin\Views\Wizard_Steps::show_modal_methods()#7 /home3/gooloode/public_html/wp-content/plugins/wp-2fa/includes/classes/Admin/class-user-profile.php(361): WP2FA\Admin\User_Profile::generate_inline_modals()#8 /home3/gooloode/public_html/wp-content/plugins/wp-2fa/includes/classes/Admin/class-user-profile.php(591): WP2FA\Admin\User_Profile::user_2fa_options()#9 /home3/gooloode/public_html/wp-includes/class-wp-hook.php(324): WP2FA\Admin\User_Profile::inline_2fa_profile_form()#10 /home3/gooloode/public_html/wp-includes/class-wp-hook.php(348): WP_Hook->apply_filters()#11 /home3/gooloode/public_html/wp-includes/plugin.php(517): WP_Hook->do_action()#12 /home3/gooloode/public_html/wp-admin/user-edit.php(876): do_action()#13 /home3/gooloode/public_html/wp-admin/profile.php(18): require_once(‘/home3/gooloode…’)#14 {main} thrown
]]>Hi,
I’ve used WP2FA and it works great. But I’ve used it primarily on a site where I just use the default wp-login.php page and seem to recall difficulty, at one point, using it with a membership plugin.
Before I start trying to add something like ultimate member, can you clarify if this will work well with it? Will it show up on the login/registration page where it can be configured, etc?
Thanks
]]>My Frontend Password Reset gives out critical Error
WordPress 6.6.1, PHP 8.2, WP-2FA (Version 2.8.0)
Fatal error: Uncaught ArgumentCountError: Too few arguments to function WP2FA\Authenticator\Reset_Password::lostpassword_post(), 1 passed in /html/wordpress/wp-includes/class-wp-hook.php on line 324 and exactly 2 expected in /html/wordpress/wp-content/plugins/wp-2fa/includes/classes/Authenticator/class-reset-passord.php:47 Stack trace: #0 /html/wordpress/wp-includes/class-wp-hook.php(324): WP2FA\Authenticator\Reset_Password::lostpassword_post(��) #1 /html/wordpress/wp-includes/class-wp-hook.php(348): WP_Hook->apply_filters(NULL, Array) #2 /html/wordpress/wp-includes/plugin.php(517): WP_Hook->do_action(Array) #3 /html/wordpress/wp-content/plugins/frontend-reset-password/includes/somfrp-functions.php(343): do_action(������) #4 /html/wordpress/wp-includes/class-wp-hook.php(324): somfrp_lost_pass_callback(������) #5 /html/wordpress/wp-includes/class-wp-hook.php(348): WP_Hook->apply_filters(��, Array) #6 /html/wordpress/wp-includes/plugin.php(517): WP_Hook->do_action(Array) #7 /html/wordpress/wp-content/plugins/frontend-reset-password/includes/somfrp-functions.php(297): do_action(������, ������) #8 /html/wordpress/wp-includes/class-wp-hook.php(324): somfrp_lost_pass_handler(������) #9 /html/wordpress/wp-includes/class-wp-hook.php(348): WP_Hook->apply_filters(NULL, Array) #10 /html/wordpress/wp-includes/plugin.php(517): WP_Hook->do_action(Array) #11 /html/wordpress/wp-content/plugins/frontend-reset-password/includes/somfrp-functions.php(254): do_action(������, ������) #12 /html/wordpress/wp-includes/class-wp-hook.php(324): somfrp_post_request(��) #13 /html/wordpress/wp-includes/class-wp-hook.php(348): WP_Hook->apply_filters(NULL, Array) #14 /html/wordpress/wp-includes/plugin.php(517): WP_Hook->do_action(Array) #15 /html/wordpress/wp-includes/template-loader.php(13): do_action(������) #16 /html/wordpress/wp-blog-header.php(19): require_once(������) #17 /html/wordpress/index.php(17): require(������) #18 {main} thrown in /html/wordpress/wp-content/plugins/wp-2fa/includes/classes/Authenticator/class-reset-passord.php on line 47
Any Advice on how to fix this? Help would be much appriciated.
]]>How many minutes? 5min, 15min?
Can it be adjusted?
]]>Hi,
I’m working with WordPress version 6.4.3 and PHP 8.1. I’m using WP-2FA (Version 2.7.0) plugin, which seems to be conflicting with the Theme My Login (version 6.4.17) plugin. Here’s the fatal error I’m encountering:
PHP Fatal error: Uncaught ArgumentCountError: Too few arguments to function WP2FA\Authenticator\Reset_Password::lostpassword_post(), 1 passed in C:\xampp\htdocs\xxxxxxxxx\wp-includes\class-wp-hook.php on line 324 and exactly 2 expected in C:\xampp\htdocs\xxxxxxxxx\wp-content\plugins\wp-2fa\includes\classes\Authenticator\class-reset-passord.php:47
Stack trace: 0 C:\xampp\htdocs\xxxxxxxxx\wp-includes\class-wp-hook.php(324): WP2FA\Authenticator\Reset_Password::lostpassword_post(Object(WP_Error)) 1 C:\xampp\htdocs\xxxxxxxxx\wp-includes\class-wp-hook.php(348): WP_Hook->apply_filters(”, Array) 2 C:\xampp\htdocs\xxxxxxxxx\wp-includes\plugin.php(517): WP_Hook->do_action(Array) 3 C:\xampp\htdocs\xxxxxxxxx\wp-content\plugins\theme-my-login\includes\class-theme-my-login.php(1286): do_action(‘lostpassword_po��’, Object(WP_Error)) 4 C:\xampp\htdocs\xxxxxxxxx\wp-content\plugins\theme-my-login\includes\class-theme-my-login.php(384): Theme_My_Login::retrieve_password() 5 C:\xampp\htdocs\xxxxxxxxx\wp-includes\class-wp-hook.php(324): Theme_My_Login->template_redirect(”) 6 C:\xampp\htdocs\xxxxxxxxx\wp-includes\class-wp-hook.php(348): WP_Hook->apply_filters(NULL, Array) 7 C:\xampp\htdocs\xxxxxxxxx\wp-includes\plugin.php(517): WP_Hook->do_action(Array) 8 C:\xampp\htdocs\xxxxxxxxx\wp-includes\template-loader.php(13): do_action(‘template_redire��’) 9 C:\xampp\htdocs\xxxxxxxxx\wp-blog-header.php(19): require_once(‘C:\xampp\htdocs��’) 10 C:\xampp\htdocs\xxxxxxxxx\index.php(17): require(‘C:\xampp\htdocs��’) 11 {main} thrown in C:\xampp\htdocs\xxxxxxxxx\wp-content\plugins\wp-2fa\includes\classes\Authenticator\class-reset-passord.php on line 47
Please help me to resolve this issue.
]]>When I enforce 2fa, setup using QR, and then start typing in the code, the screen goes black. I have to hit escape to show the form again. I wish I had recorded it so I can show you, but thats the best I can explain. Not sure why its happening.
]]>I just installed and configured your plugin. I’m now unable to log in. I got the QR code and setup my account, and saved the backup codes. I also created a 2nd admin account.
I can’t login. The sequence is, I enter name and password, it prompts for the code, I enter the code, it hangs for about 8 seconds, then I’m presented with the name/password form again. I tried this 3 times then tried a backup code – same thing.
Then I tried using my spare account, which hadn’t been configured for MFA yet. It tells me I have 3 days to configure MFA and gives the option to configure now or do it later. I obviously want to do it later since I intend to uninstall this the minute I get logged back in. So I click “I’ll do it later”, and it takes me back to the name/password form.
Tell me how I can log into the server console and manually uninstall this thing.
]]>Cannot login, crash on POST /wp/wp-login.php?action=validate_2fa
PHP Fatal error: Uncaught TypeError: WP2FA\Core\wp_salt(): Return value must be of type string, null returned in /plugins/wp-2fa/includes/functions/core.php:322
WP – 6.5.4
WP2FA – 2.6.4
PHP – 8.2
I have noticed an issue after the recent update to WordPress and all my plugins. Editors are currently unable to log in. After entering the OTP, they are redirected to ��https://xxxxx.com/wp-admin/profile.php?show=wp-2fa-setup�� and receive the message ��You do not have permission to access this page!��
Could this be a permission setting issue? I would appreciate your assistance in resolving this matter.
]]>When seeking help with this issue, you may be asked for some of the following information:
WordPress version 6.5.2
Active theme: ZoxPress Child (version 1.1.08)
Current plugin: WP 2FA – Two-factor authentication for WordPress (Premium) (version 2.3.0)
PHP version 8.2.18
Error Details
=============
An error of type E_ERROR was caused in line 813 of the file /nas/content/live/core/wp-content/plugins/wp-2fa-premium/includes/classes/Authenticator/class-login.php. Error message: Uncaught Error: Call to undefined function WP2FA\Authenticator\login_header() in /nas/content/live/core/wp-content/plugins/wp-2fa-premium/includes/classes/Authenticator/class-login.php:813
Stack trace:
#0 /nas/content/live/core/wp-includes/class-wp-hook.php(324): WP2FA\Authenticator\Login::login_form_validate_2fa(”)
#1 /nas/content/live/core/wp-includes/class-wp-hook.php(348): WP_Hook->apply_filters(NULL, Array)
#2 /nas/content/live/core/wp-includes/plugin.php(517): WP_Hook->do_action(Array)
#3 /nas/content/live/core/wp-settings.php(717): do_action(‘wp_loaded’)
#4 /nas/content/live/core/wp-config.php(76): require_once(‘/nas/content/li…’)
#5 /nas/content/live/core/wp-load.php(50): require_once(‘/nas/content/li…’)
#6 /nas/content/live/core/wp-blog-header.php(13): require_once(‘/nas/content/li…’)
#7 /nas/content/live/core/index.php(17): require(‘/nas/content/li…’)
#8 {main}
? thrown
Getting the below error when plugin is activated.
Fatal error: Uncaught Error: Call to a member function get_page_permastruct() on null in /home/customer/www/childaidee.org.uk/public_html/wp-includes/link-template.php:435 Stack trace: #0 /home/customer/www/childaidee.org.uk/public_html/wp-includes/link-template.php(397): _get_page_link(Object(WP_Post), false, false) #1 /home/customer/www/childaidee.org.uk/public_html/wp-includes/link-template.php(197): get_page_link(Object(WP_Post), false, false) #2 /home/customer/www/childaidee.org.uk/public_html/wp-content/plugins/wp-2fa/includes/classes/class-wp2fa.php(675): get_permalink(Object(WP_Post)) #3 /home/customer/www/childaidee.org.uk/public_html/wp-content/plugins/wp-2fa/includes/classes/Admin/Helpers/class-user-helper.php(1303): WP2FA\WP2FA::replace_email_strings(‘Your user on {s…’, 8) #4 /home/customer/www/childaidee.org.uk/public_html/wp-content/plugins/wp-2fa/includes/classes/Admin/Helpers/class-user-helper.php(1400): WP2FA\Admin\Helpers\User_Helper::send_expired_grace_email(8) #5 /home/customer/www/childaidee.org.uk/ in?/home/customer/www/childaidee.org.uk/public_html/wp-includes/link-template.php?on line?435
There has been a critical error on this website. Please check your site admin email inbox for instructions.
]]>