Locked Out But Still Able To Login

  • Resolved David Adams

    (@tictag)


    1 year, 2 months ago

    Wordfence Login Security is set to Required for Administrators, my account is an Administrator account and has been Locked Out (see screenshot below) but I can still login, in fact, I am not even asked for a 2FA code during the login process.

    How would you recommend that I troubleshoot this issue?

    Wordfence Security v7.10.3 | WordPress v6.3.1

    View post on imgur.com

    • This topic was modified 1 year, 2 months ago by David Adams. Reason: Edit: Added application versions
Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @tictag, thanks for reaching out!

    The “lockout” for 2FA in the screenshot is different from the kind of lockout that would appear on the Wordfence > Blocking page.

    This is actually a failsafe for when an admin sets 2FA to be “required” for admins, and no admins have 2FA currently enabled. This way, we don’t enforce 2FA because there would be no way for anybody to log in to disable it without disabling the plugin outside of WordPress first.

    2FA is only considered required when the option to require it is both enabled and there is at least one administrator with it active.

    Thanks,
    Peter.

    Thread Starter David Adams

    (@tictag)

    Ahhh, very clever!! I’ve setup 2FA on one Administrator account and can confirm that 2FA is requested now. Thank you!

    Please feel free to close the ticket.

    Plugin Support wfpeter

    (@wfpeter)

    Thanks @tictag, thanks for getting back and if you have any Wordfence questions in future by all means start up a new topic and we’ll be happy to help out!

    Peter.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Locked Out But Still Able To Login’ is closed to new replies.