Hi @rolfhennequin, thank-you for getting in touch.
I’m happy to provide you instructions on how to get back into your site. There are two ways to get back into the site.
The first way is if you have added the site in Wordfence Central (a free site management tool in your account on wordfence.com):
- Login to Wordfence.com and look for the Configuration tab.
- Click the gear icon at the end of the row that the site you need to access is on.
- Scroll down to the Login Security Options section and expand it by clicking the small black arrow to the right.
- In the section that says “Whitelisted IP addresses that bypass 2FA” add your public facing IP address.
NOTE : You can get your public facing IP by clicking this link.
- Scroll back to the top of the screen and save the changes.
- You should now be able to login to your site with just a username and password.
If you haven’t added your site to Wordfence Central follow these steps:
- Please use FTP/SFTP — or any file manager your web host provides via their administration panel.
- Look inside the /wp-content/plugins/ directory and rename the wordfence directory to wordfence.bak. This will deactivate Wordfence and allow you to login without the 2FA code.
- Once you have logged in to your WordPress admin you can name the folder back to wordfence again.
- Go to your user profile and add 2FA back to your account, making sure to download the backup codes in case of problems in the future.
If you have any other trouble logging in feel free to reach out here. Sometimes when 2FA has worked in the past but no longer validates codes, the time WordPress sees is no longer synchronized to the correct timezone. It might be worth reaching out to your host or checking WordPress > Settings > General > Timezone to see if something has been changed.
Thanks,
Peter.
