Feature Request – Separate From Username/Password Area

  • Resolved bamajr

    (@bamajr)


    11 years, 5 months ago

    I know there is a similar topic at https://www.ads-software.com/support/topic/feature-request-ask-for-code-on-second-page but I felt this was enough of a difference to post a separate request.

    The biggest issue I have with this plugin, is in how it negates the stored usernames/passwords from working. I allow Safari to save my Username/Password, for each of my WordPress websites. When the new OS X Mavericks comes out, these passwords will be part of those sync’ed over iCloud, for use on all my other devices. I do not want Safari to stop auto-populating the Username/Password, but I still want to be asked for the Google Authenticator Code.

    In addition, this plugin renders the WordPress iOS app, completely useless. When this plugin is installed, WordPress iOS cannot connect to the website. I know it is it’s own app, but I’m assuming the issue could be resolved by separating the Username/Password screen from the Google Authenticator screen. Ultimately, I want to use the Google Authenticator on the iOS app, as well.

    https://www.ads-software.com/extend/plugins/google-authenticator/

Viewing 5 replies - 1 through 5 (of 5 total)

  • Regarding your iOS app, did you read this FAQ entry :

    Can I use Google Authenticator for WordPress with the Android/iPhone apps for WordPress?

    Yes, you can enable the App password feature to make that possible, but notice that the XMLRPC interface isn’t protected by two-factor authentication, only a long password.

    Best regards
    Henrik Schack

    Thread Starter bamajr

    (@bamajr)

    Yes, I did read it. I’m saying my access, via the iOS WordPress app, should be protected by the two-factor authentication, instead of a long password.

    I’m also saying that the two-factor authentication should be a secondary step, on a second screen, after the username/password screen, just like when you use any of the Google services.

    I want the ability to store my usernames/passwords, but secure the websites, by forcing two-factor authentication. I do not want to be forced to remember the username/password for the web interface nor the username/long-password for the WordPress iOS interface.

    I’m not the on programming the iOS app, I don’t think there is any way I can fix that.

    Best regards
    Henrik Schack

    I just released a new plugin to separate the token prompt from the username/password screen. It runs alongside Google Authenticator and modifies the login workflow so that only users with 2FA enabled are prompted.

    It’s available at https://www.ads-software.com/plugins/google-authenticator-per-user-prompt/

    I may have found a smart way of doing this with risking to break down everything during upgrades, I’ll be testing in near future.

    Best regards
    Henrik Schack

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Feature Request – Separate From Username/Password Area’ is closed to new replies.