Need A Configuration Variable to Disable 2FA Globally

Thanks for reaching out.

We don’t have a way to shut off the 2FA feature. Have you tried just not enabling it for all of the user roles? You can do that on the Wordfence > Login Security > settings page. You can’t set it to disabled for Administrators but you can make it optional. Hope this helps.

Tim

The problem here is that when there is a problem with the 2FA verification you have no option other than to completely disable the entire plugin in order to get into the site. Then when you have a site with a large number of Administrators then you have to go in to each individual Admin account and remove 2FA. Which means they will all have to setup 2FA again once the 2FA verification issues are fixed. There needs to be a way to just go into the wp-config.php and define a global constant that will disable the requirement for 2FA for all users. If this isn’t available then it really doesn’t make sense to keep using the Wordfence supplied 2FA since it is all tightly integrated.

Thanks for the suggestion. Right now this isn’t something we are considering adding. You can tell your administrators not to use 2FA and to remove it from their accounts if you like. I have passed the suggestion to the dev team to think about adding the functionality in a future release.

Tim