Remove 2FA

  • How can we completely remove/disable the 2FA feature so no extra column shows up in Users screen?

    I found this thread, but I have no DEACTIVATE button anywhere on Login Security page of Wordfence 7.3.2

    Screenshot:

    The page I need help with: [log in to see the link]

Viewing 8 replies - 1 through 8 (of 8 total)

  • To remove it from the user’s page (wp-admin/users.php) just expand the Screen Options at the top right hand of the page and uncheck 2FA status.

    https://i.postimg.cc/hPkmHLMF/users-list.jpg

    The only user level that always has the option to setup 2FA for themselves is Administrators. You can make 2FA unavailable for other user roles (Editor, Subscriber, etc) on the Login Security > Settings page where it says “Enable 2FA for these roles”.

    Tim

    Thread Starter Ov3rfly

    (@ov3rfly)

    Using Screen Options on each and every account is not an option. There are sites with several admins and various other accounts with extra xxx_users capabilities.

    As explained, we need a general completely remove/disable switch for the the 2FA feature.

    Thread Starter Ov3rfly

    (@ov3rfly)

    We added a cosmetic workaround now to functions.php of those sites. It removes the unwanted 2FA column in Users screen for now.

    $role = get_role( 'administrator' );
if ( is_a( $role, 'WP_Role' ) ) {
	if ( $role->has_cap( 'wf2fa_activate_2fa_self' ) ) $role->remove_cap( 'wf2fa_activate_2fa_self' );
	if ( $role->has_cap( 'wf2fa_activate_2fa_others' ) ) $role->remove_cap( 'wf2fa_activate_2fa_others' );
}

    Please don’t add capabilities to user roles without a general setting to disable this.

    I believe I misunderstood you. When you said “How can we completely remove/disable the 2FA feature so no extra column shows up in Users screen” I thought you meant the wp-admin/users.php page, not the user’s profile page. You’d only need to make the change I mentioned earlier once to remove the column from the list of users on the wp-admin/users.php page.

    For the users page in general, login to your site as an admin and go to the Login Security page (look under Wordfence in the left side navigation). On the Settings tab where it says “Enable 2FA for these roles” you can turn off the ability to use 2FA for any role you choose except administrators. Then those roles you deselected will not see any option to add 2FA to their account. I might add that only the administrators role is selected by default. If other roles were added they would have had to be checked by a member of your team.

    Tim

    Thread Starter Ov3rfly

    (@ov3rfly)

    As explained aready, using Screen Options on each and every account is not an option. There are sites with several admins, we can not log in as every admin on dozens of sites to “hide” something which those admins can “unhide” at any moment.

    Please add a general completely remove/disable switch for the the 2FA feature in Wordfence options.

    Hey @ov3rfly,

    Just so you know, this is a current feature request and the developers are looking into it.

    Thanks,

    Gerroald

    Glad to hear this will be looked at, came to find a way to disable as well.

    Is there any update on this? I’m using another 2FA plugin, and would like to disable Wordfence’s 2FA feature. Thanks!

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Remove 2FA’ is closed to new replies.