Google Authenticator - Version 0.35

Version Description

Initial WordPress app support added (XMLRPC).

Release Info

Developer	Henrik.Schack
Plugin	Google Authenticator
Version	0.35
Comparing to
See all releases

Code changes from version 0.30 to 0.35

Files changed (4) hide show

google-authenticator.php +129 -28
lang/google-authenticator.pot +45 -23
readme.txt +18 -5
screenshot-2.jpg +0 -0

google-authenticator.php CHANGED Viewed

	@@ -4,9 +4,9 @@ Plugin Name: Google Authenticator
4	Plugin URI: http://henrik.schack.dk/google-authenticator-for-wordpress
5	Description: Two-Factor Authentication for WordPress using the Android/iPhone/Blackberry app as One Time Password generator.
6	Author: Henrik Schack
7	- Version: 0.30
8	Author URI: http://henrik.schack.dk/
9	- Compatibility: WordPress 3.2~~-RC2~~
10	Text Domain: google-authenticator
11	Domain Path: /lang
12
	@@ -53,7 +53,7 @@ function init() {
53	require_once( 'base32.php' );
54
55	add_action( 'login_form', array( $this, 'loginform' ) );
56	- add_filter( '~~wp_authenticate_user~~', array( $this, 'check_otp' ) );
57
58	if ( defined( 'DOING_AJAX' ) && DOING_AJAX )
59	add_action( 'wp_ajax_GoogleAuthenticator_action', array( $this, 'ajax_callback' ) );
	@@ -129,22 +129,50 @@ function loginform() {
129	* @param wordpressuser
130	* @return user/loginstatus
131	*/
132	- function check_otp( $user ) {






133
134	// Does the user have the Google Authenticator enabled ?
135	- if ( trim(get_user_option('googleauthenticator_enabled',$user->ID)) == 'enabled' ) {
136
137	// Get the users secret
138	$GA_secret = trim( get_user_option( 'googleauthenticator_secret', $user->ID ) );
139
140	// Get the verification code entered by the user trying to login
141	$otp = intval( trim( $_POST[ 'otp' ] ) );
142	-
143	// Valid code ?
144	- if ( ! $this->verify( $GA_secret, $otp ) )
145	- return ~~new WP_Error( 'invalid_google_authenticator_token', __( '<strong>ERROR</strong>: The Google Authenticator code is incorrect or has expired.', 'google-authenticator' ) )~~;
146	- }
147	- ~~return~~ ~~$user;~~






















148	}
149
150
	@@ -154,18 +182,28 @@ function check_otp( $user ) {
154	function profile_personal_options() {
155	global $user_id, $is_profile_page;
156
157	- $GA_secret =trim( get_user_option( 'googleauthenticator_secret', $user_id ) );
158	- $GA_enabled =trim( get_user_option( 'googleauthenticator_enabled', $user_id ) );
159	- $GA_description =trim( get_user_option( 'googleauthenticator_description', $user_id ) );








160
161	// In case the user has no secret ready (new install), we create one.
162	- if ( '' == $GA_secret )
163	$GA_secret = $this->create_secret();
164	-

165	// Use "WordPress Blog" as default description
166	- if ( '' == $GA_description )
167	$GA_description = __( 'WordPress Blog', 'google-authenticator' );
168	-

169	echo "<h3>".__( 'Google Authenticator Settings', 'google-authenticator' )."</h3>\n";
170
171	echo "<table class=\"form-table\">\n";
	@@ -173,7 +211,7 @@ function profile_personal_options() {
173	echo "<tr>\n";
174	echo "<th scope=\"row\">".__( 'Active', 'google-authenticator' )."</th>\n";
175	echo "<td>\n";
176	- echo "<~~div><~~input name=\"GA_enabled\" id=\"GA_enabled\" class=\"tog\" type=\"checkbox\"" . checked( $GA_enabled, 'enabled', false ) . "~~/></div>\~~n";
177	echo "</td>\n";
178	echo "</tr>\n";
179
	@@ -184,13 +222,13 @@ function profile_personal_options() {
184	if ( $is_profile_page \|\| IS_PROFILE_PAGE ) {
185	echo "<tr>\n";
186	echo "<th><label for=\"GA_description\">".__('Description','google-authenticator')."</label></th>\n";
187	- echo "<td><input name=\"GA_description\" id=\"GA_description\" value=\"{$GA_description}\" type=\"text\" /><span class=\"description\">".__(' Description that you\'ll see in the Google Authenticator app on your phone.','google-authenticator')."</span><br /></td>\n";
188	echo "</tr>\n";
189
190	echo "<tr>\n";
191	echo "<th><label for=\"GA_secret\">".__('Secret','google-authenticator')."</label></th>\n";
192	echo "<td>\n";
193	- echo "<input name=\"GA_secret\" id=\"GA_secret\" value=\"{$GA_secret}\" readonly=\"~~true~~\" type=\"text\" />";
194	echo "<input name=\"GA_newsecret\" id=\"GA_newsecret\" value=\"".__("Create new secret",'google-authenticator')."\" type=\"button\" class=\"button\" />";
195	echo "<input name=\"show_qr\" id=\"show_qr\" value=\"".__("Show/Hide QR code",'google-authenticator')."\" type=\"button\" class=\"button\" onclick=\"jQuery('#GA_QR_INFO').toggle('slow');\" />";
196	echo "</td>\n";
	@@ -204,13 +242,29 @@ function profile_personal_options() {
204	echo "</div></td>\n";
205	echo "</tr>\n";
206















207	}
208	-
209
210	echo "</tbody></table>\n";
211	echo "<script type=\"text/javascript\">\n";
212	echo "var GAnonce='".wp_create_nonce('GoogleAuthenticatoraction')."';\n";
213	echo <<<ENDOFJS

214	jQuery('#GA_newsecret').bind('click', function() {
215	var data=new Object();
216	data['action'] = 'GoogleAuthenticator_action';
	@@ -230,6 +284,36 @@ function profile_personal_options() {
230	jQuery('#GA_QRCODE').attr('src',qrcodeurl);
231	});
232






























233	</script>
234	ENDOFJS;
235
	@@ -243,16 +327,32 @@ function personal_options_update() {
243
244	$GA_enabled = trim( $_POST['GA_enabled'] );
245	$GA_secret = trim( $_POST['GA_secret'] );
246	- $~~GA_description~~ = trim( $_POST['~~GA_description~~'] );

247
248	- if ( '' == $GA_enabled )
249	$GA_enabled = 'disabled';
250	- else
251	$GA_enabled = 'enabled';














252
253	update_user_option( $user_id, 'googleauthenticator_enabled', $GA_enabled, true );
254	update_user_option( $user_id, 'googleauthenticator_secret', $GA_secret, true );
255	- update_user_option( $user_id, '~~googleauthenticator_description~~', $~~GA_description~~, true );

256	}
257
258	/**
	@@ -283,11 +383,12 @@ function edit_user_profile_update() {
283
284	$GA_enabled = trim( $_POST['GA_enabled'] );
285
286	- if ( '' == $GA_enabled )
287	$GA_enabled = 'disabled';
288	- else
289	$GA_enabled = 'enabled';
290	-

291	update_user_option( $user_id, 'googleauthenticator_enabled', $GA_enabled, true );
292	}
293


4	Plugin URI: http://henrik.schack.dk/google-authenticator-for-wordpress
5	Description: Two-Factor Authentication for WordPress using the Android/iPhone/Blackberry app as One Time Password generator.
6	Author: Henrik Schack
7	+ Version: 0.35
8	Author URI: http://henrik.schack.dk/
9	+ Compatibility: WordPress 3.2
10	Text Domain: google-authenticator
11	Domain Path: /lang
12

53	require_once( 'base32.php' );
54
55	add_action( 'login_form', array( $this, 'loginform' ) );
56	+ add_filter( 'authenticate', array( $this, 'check_otp' ), 50, 3 );
57
58	if ( defined( 'DOING_AJAX' ) && DOING_AJAX )
59	add_action( 'wp_ajax_GoogleAuthenticator_action', array( $this, 'ajax_callback' ) );

129	* @param wordpressuser
130	* @return user/loginstatus
131	*/
132	+ function check_otp( $user, $username = '', $password = '' ) {
133	+ // Store result of loginprocess, so far.
134	+ $userstate = $user;
135	+
136	+ // Get information on user, we need this in case an app password has been enabled,
137	+ // since the $user var only contain an error at this point in the login flow.
138	+ $user = get_userdatabylogin( $username );
139
140	// Does the user have the Google Authenticator enabled ?
141	+ if ( trim(get_user_option( 'googleauthenticator_enabled', $user->ID ) ) == 'enabled' ) {
142
143	// Get the users secret
144	$GA_secret = trim( get_user_option( 'googleauthenticator_secret', $user->ID ) );
145
146	// Get the verification code entered by the user trying to login
147	$otp = intval( trim( $_POST[ 'otp' ] ) );
148	+
149	// Valid code ?
150	+ if ( $this->verify( $GA_secret, $otp ) ) {
151	+ return $userstate;
152	+ } else {
153	+ // No, lets see if an app password is enabled
154	+ if ( trim( get_user_option( 'googleauthenticator_pwdenabled', $user->ID ) ) == 'enabled' ) {
155	+ $GA_passwords = json_decode( get_user_option( 'googleauthenticator_passwords', $user->ID ) );
156	+ $passwordsha1 = trim($GA_passwords->{'password'} );
157	+ $usersha1 = sha1( strtoupper( str_replace( ' ', '', $password ) ) );
158	+ if ( $passwordsha1 == $usersha1 ) {
159	+ return new WP_User( $user->ID );
160	+ } else {
161	+ if ( $otp == '' ) {
162	+ // No Google Authenticator code entered, must be a wrong app login attempt
163	+ return new WP_Error( 'invalid_google_authenticator_password', __( '<strong>ERROR</strong>: The Google Authenticator password is incorrect.', 'google-authenticator' ) );
164	+ } else {
165	+ return new WP_Error( 'invalid_google_authenticator_token', __( '<strong>ERROR</strong>: The Google Authenticator code is incorrect or has expired.', 'google-authenticator' ) );
166	+ }
167	+ }
168	+ } else {
169	+ return new WP_Error( 'invalid_google_authenticator_token', __( '<strong>ERROR</strong>: The Google Authenticator code is incorrect or has expired.', 'google-authenticator' ) );
170	+ }
171	+ }
172	+ }
173	+ // Google Authenticator isn't enabled for this account,
174	+ // just resume normal authentication.
175	+ return $userstate;
176	}
177
178

182	function profile_personal_options() {
183	global $user_id, $is_profile_page;
184
185	+ $GA_secret = trim( get_user_option( 'googleauthenticator_secret', $user_id ) );
186	+ $GA_enabled = trim( get_user_option( 'googleauthenticator_enabled', $user_id ) );
187	+ $GA_description = trim( get_user_option( 'googleauthenticator_description', $user_id ) );
188	+ $GA_pwdenabled = trim( get_user_option( 'googleauthenticator_pwdenabled', $userid ) );
189	+ $GA_password = trim( get_user_option( 'googleauthenticator_passwords', $user_id ) );
190	+
191	+ // We dont store the generated app password in cleartext so there is no point in trying
192	+ // to show the user anything except from the fact that a password exists.
193	+ if ( $GA_password != '' ) {
194	+ $GA_password = "XXXX XXXX XXXX XXXX";
195	+ }
196
197	// In case the user has no secret ready (new install), we create one.
198	+ if ( '' == $GA_secret ) {
199	$GA_secret = $this->create_secret();
200	+ }
201	+
202	// Use "WordPress Blog" as default description
203	+ if ( '' == $GA_description ) {
204	$GA_description = __( 'WordPress Blog', 'google-authenticator' );
205	+ }
206	+
207	echo "<h3>".__( 'Google Authenticator Settings', 'google-authenticator' )."</h3>\n";
208
209	echo "<table class=\"form-table\">\n";

211	echo "<tr>\n";
212	echo "<th scope=\"row\">".__( 'Active', 'google-authenticator' )."</th>\n";
213	echo "<td>\n";
214	+ echo "<input name=\"GA_enabled\" id=\"GA_enabled\" class=\"tog\" type=\"checkbox\"" . checked( $GA_enabled, 'enabled', false ) . "/>\n";
215	echo "</td>\n";
216	echo "</tr>\n";
217

222	if ( $is_profile_page \|\| IS_PROFILE_PAGE ) {
223	echo "<tr>\n";
224	echo "<th><label for=\"GA_description\">".__('Description','google-authenticator')."</label></th>\n";
225	+ echo "<td><input name=\"GA_description\" id=\"GA_description\" value=\"{$GA_description}\" type=\"text\" size=\"25\" /><span class=\"description\">".__(' Description that you\'ll see in the Google Authenticator app on your phone.','google-authenticator')."</span><br /></td>\n";
226	echo "</tr>\n";
227
228	echo "<tr>\n";
229	echo "<th><label for=\"GA_secret\">".__('Secret','google-authenticator')."</label></th>\n";
230	echo "<td>\n";
231	+ echo "<input name=\"GA_secret\" id=\"GA_secret\" value=\"{$GA_secret}\" readonly=\"readonly\" type=\"text\" size=\"25\" />";
232	echo "<input name=\"GA_newsecret\" id=\"GA_newsecret\" value=\"".__("Create new secret",'google-authenticator')."\" type=\"button\" class=\"button\" />";
233	echo "<input name=\"show_qr\" id=\"show_qr\" value=\"".__("Show/Hide QR code",'google-authenticator')."\" type=\"button\" class=\"button\" onclick=\"jQuery('#GA_QR_INFO').toggle('slow');\" />";
234	echo "</td>\n";

242	echo "</div></td>\n";
243	echo "</tr>\n";
244
245	+ echo "<tr>\n";
246	+ echo "<th scope=\"row\">".__( 'Enable App password', 'google-authenticator' )."</th>\n";
247	+ echo "<td>\n";
248	+ echo "<input name=\"GA_pwdenabled\" id=\"GA_pwdenabled\" class=\"tog\" type=\"checkbox\"" . checked( $GA_pwdenabled, 'enabled', false ) . "/><span class=\"description\">".__(' Enabling an App password will decrease your overall login security.','google-authenticator')."</span>\n";
249	+ echo "</td>\n";
250	+ echo "</tr>\n";
251	+
252	+ echo "<tr>\n";
253	+ echo "<th></th>\n";
254	+ echo "<td>\n";
255	+ echo "<input name=\"GA_password\" id=\"GA_password\" readonly=\"readonly\" value=\"".$GA_password."\" type=\"text\" size=\"25\" />";
256	+ echo "<input name=\"GA_createpassword\" id=\"GA_createpassword\" value=\"".__("Create new password",'google-authenticator')."\" type=\"button\" class=\"button\" />";
257	+ echo "<span class=\"description\" id=\"GA_passworddesc\">".__(' Password is not stored in cleartext, this is your only chance to see it.','google-authenticator')."</span>\n";
258	+ echo "</td>\n";
259	+ echo "</tr>\n";
260	}
261	+
262
263	echo "</tbody></table>\n";
264	echo "<script type=\"text/javascript\">\n";
265	echo "var GAnonce='".wp_create_nonce('GoogleAuthenticatoraction')."';\n";
266	echo <<<ENDOFJS
267	+ var pwdata;
268	jQuery('#GA_newsecret').bind('click', function() {
269	var data=new Object();
270	data['action'] = 'GoogleAuthenticator_action';

284	jQuery('#GA_QRCODE').attr('src',qrcodeurl);
285	});
286
287	+ jQuery('#GA_createpassword').bind('click',function() {
288	+ var data=new Object();
289	+ data['action'] = 'GoogleAuthenticator_action';
290	+ data['nonce'] = GAnonce;
291	+ data['save'] = 1;
292	+ jQuery.post(ajaxurl, data, function(response) {
293	+ jQuery('#GA_password').val(response['new-secret'].match(new RegExp(".{0,4}","g")).join(' '));
294	+ jQuery('#GA_passworddesc').show();
295	+ });
296	+ });
297	+
298	+ jQuery('#GA_enabled').bind('change',function() {
299	+ GoogleAuthenticator_apppasswordcontrol();
300	+ });
301	+
302	+ jQuery(document).ready(function() {
303	+ jQuery('#GA_passworddesc').hide();
304	+ GoogleAuthenticator_apppasswordcontrol();
305	+ });
306	+
307	+ function GoogleAuthenticator_apppasswordcontrol() {
308	+ if (jQuery('#GA_enabled').is(':checked')) {
309	+ jQuery('#GA_pwdenabled').removeAttr('disabled');
310	+ jQuery('#GA_createpassword').removeAttr('disabled');
311	+ } else {
312	+ jQuery('#GA_pwdenabled').removeAttr('checked')
313	+ jQuery('#GA_pwdenabled').attr('disabled', true);
314	+ jQuery('#GA_createpassword').attr('disabled', true);
315	+ }
316	+ }
317	</script>
318	ENDOFJS;
319

327
328	$GA_enabled = trim( $_POST['GA_enabled'] );
329	$GA_secret = trim( $_POST['GA_secret'] );
330	+ $GA_pwdenabled = trim( $_POST['GA_pwdenabled'] );
331	+ $GA_password = str_replace(' ', '', trim( $_POST['GA_password'] ) );
332
333	+ if ( '' == $GA_enabled ) {
334	$GA_enabled = 'disabled';
335	+ } else {
336	$GA_enabled = 'enabled';
337	+ }
338	+
339	+ if ( '' == $GA_pwdenabled ) {
340	+ $GA_pwdenabled = 'disabled';
341	+ } else {
342	+ $GA_pwdenabled = 'enabled';
343	+ }
344	+
345	+ // Only store password if a new one has been generated.
346	+ if (strtoupper($GA_password) != 'XXXXXXXXXXXXXXXX' ) {
347	+ // Store the password in a format that can be expanded easily later on if needed.
348	+ $GA_password = array( 'appname' => 'Default', 'password' => sha1( $GA_password ) );
349	+ update_user_option( $user_id, 'googleauthenticator_passwords', json_encode( $GA_password ), true );
350	+ }
351
352	update_user_option( $user_id, 'googleauthenticator_enabled', $GA_enabled, true );
353	update_user_option( $user_id, 'googleauthenticator_secret', $GA_secret, true );
354	+ update_user_option( $user_id, 'googleauthenticator_pwdenabled', $GA_pwdenabled, true );
355	+
356	}
357
358	/**

383
384	$GA_enabled = trim( $_POST['GA_enabled'] );
385
386	+ if ( '' == $GA_enabled ) {
387	$GA_enabled = 'disabled';
388	+ } else {
389	$GA_enabled = 'enabled';
390	+ }
391	+
392	update_user_option( $user_id, 'googleauthenticator_enabled', $GA_enabled, true );
393	}
394

lang/google-authenticator.pot CHANGED Viewed

	@@ -2,9 +2,9 @@
2	# This file is distributed under the same license as the Google Authenticator package.
3	msgid ""
4	msgstr ""
5	- "Project-Id-Version: Google Authenticator 0.20\n"
6	"Report-Msgid-Bugs-To: http://wordpress.org/tag/google-authenticator\n"
7	- "POT-Creation-Date: 2011-05-17 19:38~~:36~~+00:00\n"
8	"MIME-Version: 1.0\n"
9	"Content-Type: text/plain; charset=UTF-8\n"
10	"Content-Transfer-Encoding: 8bit\n"
	@@ -12,56 +12,78 @@ msgstr ""
12	"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
13	"Language-Team: LANGUAGE <LL@li.org>\n"
14
15	- #: google-authenticator.php:89
16	msgid ""
17	- "If ~~You~~ don't have Google Authenticator enabled for ~~Your~~ ~~Wordpress~~ account, "
18	"leave this field empty."
19	msgstr ""
20
21	- #: google-authenticator.php:89
22	msgid "Google Authenticator code"
23	msgstr ""
24
25	- #: google-authenticator.php:~~138~~
26	- msgid "~~Wordpress~~ ~~blog~~"
27	msgstr ""
28
29	- #: google-authenticator.php:~~141~~ google-authenticator.php:~~247~~
30	- msgid "~~Google Authenticator settings~~"






31	msgstr ""
32
33	- #: google-authenticator.php:~~146~~ google-authenticator.php:~~251~~




34	msgid "Active"
35	msgstr ""
36
37	- #: google-authenticator.php:~~165~~
38	msgid "Description"
39	msgstr ""
40
41	- #: google-authenticator.php:~~166~~
42	- msgid " ~~Description you'll see on your phone.~~"

43	msgstr ""
44
45	- #: google-authenticator.php:~~170~~
46	msgid "Secret"
47	msgstr ""
48
49	- #: google-authenticator.php:~~173~~
50	msgid "Create new secret"
51	msgstr ""
52
53	- #: google-authenticator.php:~~174~~
54	msgid "Show/Hide QR code"
55	msgstr ""
56
57	- #: google-authenticator.php:~~182~~
58	- msgid "~~<br/>~~ Scan this with the Google Authenticator app."












59	msgstr ""
60
61	- #: google-authenticator.php:~~323~~
62	msgid ""
63	- "~~Google~~ ~~Authenticator:~~ ~~Something~~ is ~~missing~~, this ~~plugin~~ ~~requires~~ ~~the~~ ~~SHA1~~ & "
64	- "SHA256 Hashing algorithms to be present in your PHP installation."
65	msgstr ""
66
67	#. Plugin Name of the plugin/theme
	@@ -74,8 +96,8 @@ msgstr ""
74
75	#. Description of the plugin/theme
76	msgid ""
77	- "~~Multi~~-Factor Authentication for ~~Wordpress~~ using the Android/~~Iphone~~/"
78	- "~~Blackberry~~ app as One Time Password generator."
79	msgstr ""
80
81	#. Author of the plugin/theme


2	# This file is distributed under the same license as the Google Authenticator package.
3	msgid ""
4	msgstr ""
5	+ "Project-Id-Version: Google Authenticator 0.35\n"
6	"Report-Msgid-Bugs-To: http://wordpress.org/tag/google-authenticator\n"
7	+ "POT-Creation-Date: 2011-07-18 20:06:38+00:00\n"
8	"MIME-Version: 1.0\n"
9	"Content-Type: text/plain; charset=UTF-8\n"
10	"Content-Transfer-Encoding: 8bit\n"

12	"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
13	"Language-Team: LANGUAGE <LL@li.org>\n"
14
15	+ #: google-authenticator.php:120
16	msgid ""
17	+ "If you don't have Google Authenticator enabled for your WordPress account, "
18	"leave this field empty."
19	msgstr ""
20
21	+ #: google-authenticator.php:120
22	msgid "Google Authenticator code"
23	msgstr ""
24
25	+ #: google-authenticator.php:163
26	+ msgid "<strong>ERROR</strong>: The Google Authenticator password is incorrect."
27	msgstr ""
28
29	+ #: google-authenticator.php:165 google-authenticator.php:169
30	+ msgid ""
31	+ "<strong>ERROR</strong>: The Google Authenticator code is incorrect or has "
32	+ "expired."
33	+ msgstr ""
34	+
35	+ #: google-authenticator.php:204
36	+ msgid "WordPress Blog"
37	msgstr ""
38
39	+ #: google-authenticator.php:207 google-authenticator.php:365
40	+ msgid "Google Authenticator Settings"
41	+ msgstr ""
42	+
43	+ #: google-authenticator.php:212 google-authenticator.php:369
44	msgid "Active"
45	msgstr ""
46
47	+ #: google-authenticator.php:224
48	msgid "Description"
49	msgstr ""
50
51	+ #: google-authenticator.php:225
52	+ msgid ""
53	+ " Description that you'll see in the Google Authenticator app on your phone."
54	msgstr ""
55
56	+ #: google-authenticator.php:229
57	msgid "Secret"
58	msgstr ""
59
60	+ #: google-authenticator.php:232
61	msgid "Create new secret"
62	msgstr ""
63
64	+ #: google-authenticator.php:233
65	msgid "Show/Hide QR code"
66	msgstr ""
67
68	+ #: google-authenticator.php:241
69	+ msgid "Scan this with the Google Authenticator app."
70	+ msgstr ""
71	+
72	+ #: google-authenticator.php:246
73	+ msgid "Enable App password"
74	+ msgstr ""
75	+
76	+ #: google-authenticator.php:248
77	+ msgid " Enabling an App password will decrease your overall login security."
78	+ msgstr ""
79	+
80	+ #: google-authenticator.php:256
81	+ msgid "Create new password"
82	msgstr ""
83
84	+ #: google-authenticator.php:257
85	msgid ""
86	+ " Password is not stored in cleartext, this is your only chance to see it."

87	msgstr ""
88
89	#. Plugin Name of the plugin/theme

96
97	#. Description of the plugin/theme
98	msgid ""
99	+ "Two-Factor Authentication for WordPress using the Android/iPhone/Blackberry "
100	+ "app as One Time Password generator."
101	msgstr ""
102
103	#. Author of the plugin/theme

readme.txt CHANGED Viewed

	@@ -1,10 +1,10 @@
1	=== Google Authenticator ===
2	Contributors: Henrik.Schack
3	- Donate Link: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=~~CA36JVKMLE9EA~~&lc=DK&item_number=Google%20Authenticator&~~currency_code~~=~~USD~~&bn=PP%2dDonationsBF%~~3abtn_donate_LG%2egif%3aNonHosted~~
4	Tags: authentication,otp,password,security,login,android,iphone,blackberry
5	Requires at least: 3.1.2
6	- Tested up to: 3.2~~-RC2~~
7	- Stable tag: 0.30
8
9	Google Authenticator for your WordPress blog.
10
	@@ -16,6 +16,9 @@ If you are security aware, you may already have the Google Authenticator app ins
16
17	The two-factor authentication requirement can be enabled on a per-user basis. You could enable it for your administrator account, but log in as usual with less privileged accounts.
18



19	== Installation ==
20
21	1. Install and activate the plugin.
	@@ -26,9 +29,13 @@ The two-factor authentication requirement can be enabled on a per-user basis. Yo
26
27	== Frequently Asked Questions ==
28




29	= Can I use Google Authenticator for WordPress with the Android/iPhone apps for WordPress? =
30
31	- No, ~~that~~ ~~won't~~ ~~work,~~ ~~but~~ ~~you~~ ~~could~~ ~~create~~ a ~~special~~ ~~account~~ ~~for~~ ~~mobile~~ ~~usage~~ ~~and~~ ~~choose~~ ~~not~~ to ~~enable~~ ~~the~~ ~~usage~~ of ~~Google~~ ~~Authenticator~~ ~~for~~ ~~this~~ ~~account~~.
32
33	= I want to update the secret, should I just scan the new QR code after creating a new secret? =
34
	@@ -36,7 +43,9 @@ No, you'll have to delete the existing account from the Google Authenticator app
36
37	= Sometimes I am unable to log in using this plugin, the first code never works, what's wrong ? =
38
39	- The Google Authenticator verification codes are time based, so it's crucial that the clock in your phone is accurate and in sync with the ~~time~~ on the server where your WordPress installation is hosted.


40
41	== Screenshots ==
42
	@@ -47,6 +56,9 @@ The Google Authenticator verification codes are time based, so it's crucial that
47
48	== Changelog ==
49



50	= 0.30 =
51	* Code cleanup
52	* Changed generation of secret key, to no longer have requirement of SHA256 on the server
	@@ -60,3 +72,4 @@ The Google Authenticator verification codes are time based, so it's crucial that
60	Thanks to:
61
62	[Tobias B�thge](http://tobias.baethge.com/) for his code rewrite and German translation.


1	=== Google Authenticator ===
2	Contributors: Henrik.Schack
3	+ Donate Link: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=henrik%40schack%2edk&lc=US&item_name=Google%20Authenticator&item_number=Google%20Authenticator&no_shipping=0&no_note=1&tax=0&bn=PP%2dDonationsBF&charset=UTF%2d8
4	Tags: authentication,otp,password,security,login,android,iphone,blackberry
5	Requires at least: 3.1.2
6	+ Tested up to: 3.2
7	+ Stable tag: 0.35
8
9	Google Authenticator for your WordPress blog.
10

16
17	The two-factor authentication requirement can be enabled on a per-user basis. You could enable it for your administrator account, but log in as usual with less privileged accounts.
18
19	+ If You need to maintain your blog using an Android/iPhone app, or any other software using the XMLRPC interface, you can enable the App password feature in this plugin,
20	+ but please note that enabling the App password feature will make your blog less secure.
21	+
22	== Installation ==
23
24	1. Install and activate the plugin.

29
30	== Frequently Asked Questions ==
31
32	+ = The iPhone app keeps telling me I'm trying to scan an authentication token barcode that isn't valid, what to do ? =
33	+
34	+ Apparently the iPhone app won't accept a barcode containing space characters in the description, removing space characters in the description should fix the problem.
35	+
36	= Can I use Google Authenticator for WordPress with the Android/iPhone apps for WordPress? =
37
38	+ Yes, you can enable the App password feature to make that possible, but notice that the XMLRPC interface isn't protected by two-factor authentication, only a long password.
39
40	= I want to update the secret, should I just scan the new QR code after creating a new secret? =
41

43
44	= Sometimes I am unable to log in using this plugin, the first code never works, what's wrong ? =
45
46	+ The Google Authenticator verification codes are time based, so it's crucial that the clock in your phone is accurate and in sync with the clock on the server where your WordPress installation is hosted.
47	+
48	+ If you have an Android phone, you can use an app like [ClockSync](https://market.android.com/details?id=ru.org.amip.ClockSync) to set your clock in case your Cell provider doesn't provide accurate time information
49
50	== Screenshots ==
51

56
57	== Changelog ==
58
59	+ = 0.35 =
60	+ * Initial WordPress app support added (XMLRPC).
61	+
62	= 0.30 =
63	* Code cleanup
64	* Changed generation of secret key, to no longer have requirement of SHA256 on the server

72	Thanks to:
73
74	[Tobias B�thge](http://tobias.baethge.com/) for his code rewrite and German translation.
75	+

screenshot-2.jpg CHANGED Viewed

Binary file