Honkytonky

Well, what can I say? It works like a charme now! Thanks! I just sent you the German translation! Greetz!

Oh, great, I could be of help. Wait just a little time, in 15 minutes more I will have sent you the German translation!

Greetz!

Oscar,

I just sent you a screenshot. I use the latest version of FF on a Macbook Pro Late 2012 Generation. I cannot really say anything about any other browser because I usually use blackbox and whitelabel my OS to the max. Besides Firefox I have nothing else to test it on! Greetz!

Hey Oscar,

thanks a lot. I have been translating one hour today and will finish tomorrow night. I will send you a Chilean Spanish version soon. I will also do a German version as I am a native German speaker. Nevertheless I guess the Spanish version will be good enough to go and provide with the plugin! Million thanks for getting this done so quickly! Greetz from Chile!

I just do not want to have you stand in the rain:
the error you pasted at least points in the direction of a string that has not been properly closed. If you need a solution really bad you could open the according file (see the error) in a text editor and look for a missing ” or another closing character! It should not be too complicated. If you browse the error message into google you will be pointed to a bunch of great sites that easily explain it. It is if so y typo, no more. Do by any chance not move on to another plug. 2FA is by far extent the mastery option. I spend two weeks looking, trying, deleting and this is the thing. Only throwing in my two cents here.

J,

I am not the author of the plugin and by far extent my competencies do not allow coding stuff like that. I just assumed you were capable of coding html, css and some minor php stuff like I do. I understand that as a wordpress user not everybody does this. In this case please stay put for Oskars answer. He is really kind and gets back to requests fast and competent. I would love to help out by trying to install but I spend 2 hours translating today and would lose all my work. From what I can say right now, try the following: deactivate any security related plugin you momentarily use. Do it one by one always activating 2FA right after. By any chance it could be a plugin conflict. I experience no conflicts with WP Better Security, User Role Plugin and Adminimize. I have no other related plugs installed!

J Weinberger,

it just crossed my mind: when I had a file of the plugin open in Dreamweaver today it spit me out some php errors – I did not pay too much attention because I usually prevent using DW and code everything in text editor. Above all DW is known to have a somewhat akward behavior towards evaluating code! Maybe you give it a try and have a look into it yourself!

Would be eager to help but for reasons of my last night translation into Chilean spanish I did not update yet. Oscar, would I be able to copy only certain parts of your new update in order not to lose my entire translation. I unfortunalety had to translate the backend for our editors as the use of English is not widely spread in Chile! Hope that the new update did not crash due to my questions here :-). Thx and greetz, latest install still working like a charme!

Dear Oskar,

just a quick note to say thank you so much. To let you know what I did and to lift some shadows for newbies like I am:

I had to find a complicate workaround to solve the problem. First I activated postfix on my mac. This is a real pain in the ass but there are some tutorials out there: the only one that worked for me is https://benjaminrojas.net/configuring-postfix-to-send-mail-from-mac-os-x-mountain-lion/

Because mails do not get send properly to my gmail account I ended up hacking brutally into the plain mails via the console and the simple “mail” command and read the mailer deamons in my console. Expect nothing readable, you have to close your eyes and clench your teeth. However it turned out that Oscars mails are indeed sent properly. I deleted a felt million of different mailer daemons of my wordpress local install first and had one clean login mail from 2FA sent again to make it easier to navigate in the console. The proper command to do so is: https://www.patrickpatoray.com/index.php?Page=47.
Be aware however, that you have to be superuser on the mac, thats similar to superroot in linux. Make your admin superroot by going to Preferences, Users and Groups, and enabling Network/Expanded Directories.
Then I read this mail locally in the console and logged in successfully in an editors account. Then I finally had access to the menue item and changed to Google Auth. Finally it worked like a charme. Setting up a second account on my IPhone I then was able to login with the editor and my headmasters account. Thanks so much, Oscar. I already gave you five stars earned for your big support, will write the review now! Cheers!

Thx Oskar,

I got it, it was my fault. I always expected a button to show up and I was irritated by this blue design of the login button, it was clearly a misunderstanding on my side.

Regarding to the Auth procedure, yes, in principle yes, but my headmaster asked me to integrate the best security possible. Hence the great usability of this feature I am still curious. What I found out is that the admin menue left hand seems to be structured in three parts, one that goes with the pages, posts and all related custom post types, one that goes with the options, settings and appearance, this is the one that is being blocked from display to the editors and one below which most other plugins occupy. I thought that it might be a good idea in my case to move 2FA to this structure because these plugs all show up. But as I by far extent am not made of your skills the question is: how independent is the place where the menu goes from how the plug works. It is a question of altering the hook and no more because than I could possibly look it up. Or does ist depend on altering all the database?
In the meantime I will try a test with a mail setup. I am highly curious!

Hey, thx a lot for your reply.

Regarding to the tech facts: it is the latest stable wp version, 3.5.1, it is no multi site a normal localhost install on MAMMP.

The funny thing is that when I use the given link while an editor is logged in the server gives me a “You do not have sufficient rights” error…of course in my admin account it works like a charme and leads to the actual settings page.

Regarding to the login issue I seem that I understand you a lot better now. There is no new button being displayed but the inition of the e-mail-delivery happens with the click on the input field? If that is the case I have to solve my localmail issue and somewhat get that email out to check if it works. But still the problem will be to change for that user to Google Auth as I strangely cannot happen to make the settings appear on the users backends. Hehehe, I guess this is something so small that gets my hair roughed up…incredible. I will try to desactivate Adminimize and User Role editor…but on the other hand I do not have the possibility to leave the backend open to editors…we will make it happen :-). It is far too good to stop right now! Greetz!

Dear Oskar,

I installed the update! The database update works. I checked it back in the base itself and it did not mess up anything – all clear. 2FA now appears as a global menu point – that works like a charme. My installed Google Auth mechanism also works as before. When I check editors now I get the formular and the input field for the code but no additional button shows up. I cannot login to the account and can not ensure myself if the plugin is managable. If I uncheck editors however the plugin does not appear in the root menu of the editors and I cannot make any settings. Now I am stuck because I do not actually know ehether this is a fault of my istallation or a pure illogical thinking error. I tried to works with Adminimize, a great plugin to trim the backend according to user roles. Unfortunately 2FA does not appear in the settings page of Adminimize and also User Role Editor does not show any additional rights management for the plugin. I guess all is due to the button I miss for send the first E-Mail. If I managed to do that maybe the menu point appears and I can reconfigure for true Google Auth in the settings itself. I am still working on this and have two fixes to go for. However at the moment I got a little stuck at the level of technical realization:

1st: force 2FA to appear in the editors backend without activation…I turned my head to the wordpress tutorials and docs, but I do not find the right approach.

2nd: make the button finally appear which for some obscure reasons does not happen. I finally deleted all my login page hacks…the css I gave you above. It turns back to WP standards….but also shows the text input without a button.

Just to ensure me: does the plug send the first code automatically without any button to appear or should it appear on first login-visit?

I am still eager to make that work and I hope it will happen, hehehe. The plug is great and though I could just keep it with the admin I could really need the high level of security for all my users as it is a CMS for a school which in the future should provide features that ask for the handling of sensitive data as well.

Any idea is really appreciated but I know it is hard for you to tell what happens.

Thanks for your valuable and high end support/ work on this.
Greetz from Chile!

Micha

Oskar,

thanks for looking into that. Regarding to the email feature: you should not worry because I made several test yesterday and found out that some wordpress mails get through, others not. I have some small features installed which refer email in one or the other way – they also do not get through. I guess this is due to my localhost installlation – I played around with several tutorials from the internet which describe how to make it work for Mac and Mamp – it is complicated and I did not succeed so far. Your idea is quite good – a root item would be perfect! I totally understand that restricting it to the admin is not a good idea due to the given reasons.

Let me know how I can help to test! Friday night I will look out for the update and have a go and try. Unfortunately in these moments I can only try in a local environment but it is still something!

Greetz from Chile
Micha

Wow, it is me again. I feel so sorry about spamming your account here, maybe we can finally combine all these posts but besides the missing button for email auth now I understand what the real problem is in my case.

I totally overread “Users can change their own settings on Users -> Two Factor Auth when they’re logged in.” My problem is that at this point of time I have to hide the menue “users” from anyone (editors) besides me. This means that by this point of time neither I would be able to easily set google auth for my users nor they due to the absence of the menue point in their backend. The question is if this mechanism will be altered in the new version that you upload on Friday. I really love the plugin and would love to have it up and working. In my eyes it is the best thing to go with in fields of 2 factor auth and I have been playing around with a lot of options and different plugs. If there was any way to set the rights user specifically by the admin and then enter the key manually into the downloaded google apps of our staff that would be just awesome. For now I prefer Google Auth over e-mail because it is much more secure. Okay, definitely my last post and I hope I did not intrude!

I just realized that I should really leave some quality information for you in case you want to check whether this was something to debug:

I have this css as an add-on in the WHITELABEL CMS Settings;
I do not do much more than hide error messages to prevent bots from reading out user information, put a cover background, hide blog and reset password link, and for the sake of the eye I add a little transparency which is due to the bgr pic. I had nevertheless a version of E-Mail Login installed which was due to different experiemets referring to possible user login mechanisms which I deinstalled properly and cleaned the database of any unwanted leftovers. I have a caching plug installed, the small one by Sergej, not W3 Cache due to its recents compatibility issues.

body.login{
background-image:url(‘https://localhost:8888/wp-content/uploads/2013/05/schule.jpg’);
no-repeat center center fixed;
-webkit-background-size: cover;
-moz-background-size: cover;
-o-background-size: cover;
background-size: cover;}

body.login div#login {padding-left:225px;}
.message, #login_error { display:none; }
.login #login p#nav a {display:none}
body.login div#login p#backtoblog {display:none}
body.login div#login p#backtoblog a {display:none}
.login form {background-color: #ffffff; zoom: 1;
filter: alpha(opacity=94);
opacity: 0.94; }