Google Authenticator – WordPress Two Factor Authentication (2FA) -

Version Description

Google Authenticator - Two factor Authentication (2FA, OTP) :
Bug fix - Save template for notifications on email
Bug fix - Error in SMS authentication setup through plugin dashboard
Updated Network Security removal notice message

Release Info

Developer	mayurjogale
Plugin	Google Authenticator – WordPress Two Factor Authentication (2FA)
Version	5.6.5
Comparing to
See all releases

Code changes from version 5.6.4 to 5.6.5

Files changed (6) hide show

controllers/notification-settings.php +2 -2
helper/messages.php +3 -5
includes/css/phone.css +28 -20
miniorange_2_factor_settings.php +16 -72
readme.txt +62 -65
views/twofa/setup/setup_otp_over_sms.php +1 -1

controllers/notification-settings.php CHANGED Viewed

	@@ -14,11 +14,11 @@
14	case "mo_wpns_enable_unusual_activity_email_to_user":
15	wpns_handle_notify_unusual_activity($_POST); break;
16	case "custom_user_template":
17	- wpns_handle_custom_template(~~sanitize_text_field~~($_POST['custom_user_template'])); break;
18	case "mo_wpns_get_manual_email" :
19	wpns_handle_admin_email($_POST); break;
20	case "custom_admin_template":
21	- wpns_handle_custom_template(null,~~sanitize_text_field~~($_POST['custom_admin_template'])); break;
22	}
23	}
24	if(!get_option("admin_email_address_status")\|\| get_option("admin_email_address") ==''){


14	case "mo_wpns_enable_unusual_activity_email_to_user":
15	wpns_handle_notify_unusual_activity($_POST); break;
16	case "custom_user_template":
17	+ wpns_handle_custom_template(wp_kses_post($_POST['custom_user_template'])); break;
18	case "mo_wpns_get_manual_email" :
19	wpns_handle_admin_email($_POST); break;
20	case "custom_admin_template":
21	+ wpns_handle_custom_template(null,wp_kses_post($_POST['custom_admin_template'])); break;
22	}
23	}
24	if(!get_option("admin_email_address_status")\|\| get_option("admin_email_address") ==''){

helper/messages.php CHANGED Viewed

	@@ -184,12 +184,10 @@
184	<form id="mo2f-notification-form" class="mo2f-notification-form" method="post" action=" ">
185	<div class="mo-logo"><img width="50" height="50" src="'.MO2F_PLUGIN_URL.'includes'.DIRECTORY_SEPARATOR.'images'.DIRECTORY_SEPARATOR.'miniorange_logo.png'.'">
186	</div>
187	- ~~ ~~
188	- <p class="mo2f-notification-text"><b>Warning!</b> Website security features will be remove from next update. You can download our <a href="https://wordpress.org/plugins/miniorange-limit-login-attempts/" class="mo-limit-login-link"><u><b>Limit Login Attempts plugin</b></u></a> for using Website Security Features.</p>
189	-
190	<input type="hidden" name="mo2f_remove_network_security" value="1" />
191	- <div ~~style~~="~~text~~-~~align:center;~~">
192	- <button ~~type~~="~~submit~~" ~~class~~="~~mo2f-acknowledge-button~~" id="mo2f-acknowledge-button"~~><u~~>Dismiss</~~u></~~a>
193	</div>
194	</form>
195	</div>


184	<form id="mo2f-notification-form" class="mo2f-notification-form" method="post" action=" ">
185	<div class="mo-logo"><img width="50" height="50" src="'.MO2F_PLUGIN_URL.'includes'.DIRECTORY_SEPARATOR.'images'.DIRECTORY_SEPARATOR.'miniorange_logo.png'.'">
186	</div>
187	+ <div class="mo2f-notification-text"><b>Warning!</b> Website security features such as Firewall, Malware scan, and Limit login attempts will be shifted to the <a href="https://wordpress.org/plugins/miniorange-limit-login-attempts/" class="mo-limit-login-link"><u><b>Limit Login Attempts plugin</b></u></a> in the next update. Please note that all <b>2FA features will continue to work</b> in this plugin.</div>


188	<input type="hidden" name="mo2f_remove_network_security" value="1" />
189	+ <div class="mo2f-acknowledge-button">
190	+ <button class="button button-secondary" type="submit" id="mo2f-acknowledge-button">Dismiss</a>
191	</div>
192	</form>
193	</div>

includes/css/phone.css CHANGED Viewed

@@ -341,25 +341,32 @@
+            }
             .mo-logo {
-            -
              color: white;
-            -
              background-color: #fcf8e3!important;
-            -
              border: #fcb714!important;
-            -
              padding-top: 5px;
-            -
              padding-left: 20px;
+            }
-            -
            .mo2f-notification-text{
-            -
              color:#8a6d3b;
-            -
              font-size: 1.2em;
-            -
              padding-top: 8px!important;
+            }
-            -
            .mo2f-acknowledge-button{
-            -
              text-decoration: none;
-            -
              color:#8a6d3b;
-            -
              font-size: 1.3em;
-            -
               padding-top: 15px;
-            -
              background: none;
-            -
              border: none;
-            -
              cursor:pointer;
+            }
             .mo-limit-login-link{
               text-decoration: none;
@@ -370,7 +377,8 @@
               color:#8a6d3b;
+            }
-            -
            .mo2f-notification-form{
-            -
              display:flex;
-            -
              flex-direction: row wrap;
+            }


341
342	}
343	.mo-logo {
344	+ color: white;
345	+ background-color: #fcf8e3 !important;
346	+ border: #fcb714 !important;
347	+ padding: 0.5%;
348	+ width: 5%;
349	+ align-items: center;
350	+ text-align: center;
351	}
352	+ .mo2f-notification-text {
353	+ color: #8a6d3b;
354	+ font-size: 1.2em;
355	+ line-height: 1.4em;
356	+ width: 87%;
357	+ padding: 1%;
358	}
359	+ .mo2f-acknowledge-button {
360	+ text-decoration: none;
361	+ color: #8a6d3b;
362	+ font-size: 1.3em;
363	+ padding-top: 15px;
364	+ background: none;
365	+ border: none;
366	+ cursor: pointer;
367	+ text-align: center;
368	+ width: 8%;
369	+ padding: 1.2%;
370	}
371	.mo-limit-login-link{
372	text-decoration: none;

377	color:#8a6d3b;
378	}
379
380	+ .mo2f-notification-form {
381	+ display: flex;
382	+ flex-direction: row;
383	+ width: 100%;
384	}

miniorange_2_factor_settings.php CHANGED Viewed

@@ -3,7 +3,7 @@
              * Plugin Name: miniOrange 2 Factor Authentication
              * Plugin URI: https://miniorange.com
              * Description: This TFA plugin provides various two-factor authentication methods as an additional layer of security after the default wordpress login. We Support Google/Authy/LastPass Authenticator, QR Code, Push Notification, Soft Token and Security Questions(KBA) for 3 User in the free version of the plugin.
-            -
             * Version: 5.6.4
              * Author: miniOrange
              * Author URI: https://miniorange.com
              * Text Domain: miniorange-2-factor-authentication
@@ -14,7 +14,7 @@
             	require dirname(__FILE__).DIRECTORY_SEPARATOR.'views'.DIRECTORY_SEPARATOR.'email-IPaddress.php';
                 define( 'MO_HOST_NAME', 'https://login.xecurify.com' );
-            -
            	define( 'MO2F_VERSION', '5.6.4' );
             	define( 'MO2F_PLUGIN_URL', (plugin_dir_url(__FILE__)));
             	define( 'MO2F_TEST_MODE', false );
             	define( 'MO2F_IS_ONPREM', get_option('is_onprem'));
@@ -107,7 +107,6 @@
+                    }
                     function mo2f_notices(){
-            -
                         global $Mo2fdbQueries, $mo2f_db_queries;
                         $is_customer_registered = get_option('mo_2factor_user_registration_status') == 'MO_2_FACTOR_PLUGIN_SETTINGS';
@@ -121,7 +120,6 @@
             			if(current_user_can('administrator') && get_option('mo_wpns_2fa_with_network_security') && !get_site_option('mo2f-remove-ns-acknowledged')){
             				echo MoWpnsMessages::showMessage('NOTIFYING_USER_FOR_REMOVING_NETWORK_SECURITY');
+            			}
-            -
+                    }
                     function mo2f_get_dismiss_days($option_name){
                         $one_day = 60*60*24;
@@ -794,75 +792,21 @@
                 function email_send()
+                {
-            -
-            -
-            -
                		$subject  =  'miniOrange 2FA V'. MO2F_VERSION.' | What\'s New?';
-            -
             			$messages = mail_tem();
-            -
            		    $headers = array('Content-Type: text/html; charset=UTF-8');
-            -
             			$email = get_option('admin_email');
-            -
-            -
            					update_site_option( 'mo2f_feature_vers', MoWpnsConstants::DB_FEATURE_MAIL );
-            -
                        			if(empty($email))
-            -
                      					{
-            -
                           				 	$user  =  wp_get_current_user();
-            -
                            				$email = $user->user_email;
-            -
                        				}
-            -
                        				if(is_email($email))
-            -
                        				{
-            -
            								wp_mail( $email,$subject,$messages,$headers);
-            -
            							}
-            -
            					if(get_option('mo_wpns_2fa_with_network_security'))
-            -
            					{
-            -
-            -
            						global $imagePath;
-            -
-            -
            				$subject = 'Website Security Features will be removed from next update !';
-            -
            				$headers = array('Content-Type: text/html; charset=UTF-8');
-            -
            				$email = get_option('admin_email');;
-            -
            				$message =  '<table cellpadding="25" style="margin:0px auto">
-            -
            				<tbody>
-            -
            				<td>
-            -
            				<td>
-            -
            				<table cellpadding="24" width="584px" style="margin:0 auto;max-width:584px;background-color:#f6f4f4;border:1px solid #a8adad">
-            -
            				<tbody>
-            -
            				<td>
-            -
            				<td><img src="'.$imagePath.'includes/images/xecurify-logo.png" alt="Xecurify" style="color:#5fb336;text-decoration:none;display:block;width:auto;height:auto;max-height:35px" class="CToWUd"></td>
-            -
            				</tr>
-            -
            				</tbody>
-            -
            				</table>
-            -
            				<table cellpadding="24" style="background:#fff;border:1px solid #a8adad;width:584px;border-top:none;color:#4d4b48;font-family:Arial,Helvetica,sans-serif;font-size:13px;line-height:18px">
-            -
            				<tbody>
-            -
            				<td>
-            -
            				<td>
-            -
            				<p style="margin-top:0;margin-bottom:20px">Dear Customer,</p>
-            -
            				<p style="margin-top:0;margin-bottom:20px"><b> Website Security Features </b>will be removed from next update <img src="'.$imagePath.'includes/images/warning.png" style="width:20px"> from <a href="https://wordpress.org/plugins/miniorange-2-factor-authentication/" class="mo-limit-login-link"><u><b>Google Authenticator plugin</b></u></a>.</p>
-            -
            				<p style="margin-top:0;margin-bottom:10px">You can download our <a href="https://wordpress.org/plugins/miniorange-limit-login-attempts/" class="mo-limit-login-link"><u><b>Limit Login Attempts plugin</b></u></a> for using Website Security Features.</p>
-            -
            				<p style="margin-top:0;margin-bottom:20px">For more information, you can contact us directly at 2fasupport@xecurify.com.</p>
-            -
            				<p style="margin-top:0;margin-bottom:15px">Thank you,<br>miniOrange Team</p>
-            -
            				<p style="margin-top:0;margin-bottom:0px;font-size:11px">Disclaimer: This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed.</p>
-            -
            				</div></div></td>
-            -
            				</tr>
-            -
            				</tbody>
-            -
            				</table>
-            -
            				</td>
-            -
            				</tr>
-            -
            				</tbody>
-            -
            				</table>';
-            -
            				if(empty($email))
-            -
            				{
-            -
            					$user  =  wp_get_current_user();
-            -
            					$email = $user->user_email;
-            -
            					}
-            -
            					if(is_email($email))
-            -
            					{
-            -
-            -
            						wp_mail( $email,$subject,$message,$headers);
-            -
            					}
-            -
-            -
            						}
-            -
-            -
+                }
             	new Miniorange_twoFactor;


3	* Plugin Name: miniOrange 2 Factor Authentication
4	* Plugin URI: https://miniorange.com
5	* Description: This TFA plugin provides various two-factor authentication methods as an additional layer of security after the default wordpress login. We Support Google/Authy/LastPass Authenticator, QR Code, Push Notification, Soft Token and Security Questions(KBA) for 3 User in the free version of the plugin.
6	+ * Version: 5.6.5
7	* Author: miniOrange
8	* Author URI: https://miniorange.com
9	* Text Domain: miniorange-2-factor-authentication

14	require dirname(__FILE__).DIRECTORY_SEPARATOR.'views'.DIRECTORY_SEPARATOR.'email-IPaddress.php';
15
16	define( 'MO_HOST_NAME', 'https://login.xecurify.com' );
17	+ define( 'MO2F_VERSION', '5.6.5' );
18	define( 'MO2F_PLUGIN_URL', (plugin_dir_url(__FILE__)));
19	define( 'MO2F_TEST_MODE', false );
20	define( 'MO2F_IS_ONPREM', get_option('is_onprem'));

107	}
108
109	function mo2f_notices(){

110	global $Mo2fdbQueries, $mo2f_db_queries;
111	$is_customer_registered = get_option('mo_2factor_user_registration_status') == 'MO_2_FACTOR_PLUGIN_SETTINGS';
112

120	if(current_user_can('administrator') && get_option('mo_wpns_2fa_with_network_security') && !get_site_option('mo2f-remove-ns-acknowledged')){
121	echo MoWpnsMessages::showMessage('NOTIFYING_USER_FOR_REMOVING_NETWORK_SECURITY');
122	}

123	}
124	function mo2f_get_dismiss_days($option_name){
125	$one_day = 606024;

792
793	function email_send()
794	{
795	+ $subject = 'miniOrange 2FA V'. MO2F_VERSION.' \| What\'s New?';
796	+ $messages = mail_tem();
797	+ $headers = array('Content-Type: text/html; charset=UTF-8');
798	+ $email = get_option('admin_email');


















































799
800	+ update_site_option( 'mo2f_feature_vers', MoWpnsConstants::DB_FEATURE_MAIL );
801	+ if(empty($email))
802	+ {
803	+ $user = wp_get_current_user();
804	+ $email = $user->user_email;
805	+ }
806	+ if(is_email($email))
807	+ {
808	+ wp_mail( $email,$subject,$messages,$headers);
809	+ }




810	}
811
812	new Miniorange_twoFactor;

readme.txt CHANGED Viewed

	@@ -1,43 +1,44 @@
1	=== miniOrange's Google Authenticator - WordPress Two Factor Authentication (2FA , Two Factor, OTP SMS and Email) \| Passwordless login ===
2
3	Contributors: twofactor, twofactorauthentication, hsn97,cyberlord92
4	- Tags: google authenticator, two-factor, two-factor authentication, OTP Authentication, 2FA , wp 2fa, 2-factor authentication, ~~multi-factor authentication,~~ MFA, Remember Device, OTP Over Telegram, passwordless login, email verification, Security Questions, FIDO, FIDO2, Webauthn, SMS login, OTP Over SMS and Email, OTP over Whatsapp, Whatsapp 2FA~~, QR Code Authentication, WordPress Authentication~~.
5	Donate link: https://miniorange.com/
6	Requires at least: 3.0.1
7	Tested up to: 6.1
8	Requires PHP: 5.3.0
9	- Stable tag: 5.6.4
10	License: GPLv2 or later
11	License URI: http://www.gnu.org/licenses/gpl-2.0.html
12
13	- Google Authenticator~~-multi~~ ~~Factor(WP~~ ~~2FA~~ / ~~OTP)~~ - ~~Supports~~ ~~TOTP/OTP~~ ~~Login~~ ~~based~~ ~~2fa~~ ~~methods~~ ~~like~~ ~~Duo/Google~~ ~~Authenticator~~ ~~along~~ ~~with~~ ~~OTP~~ ~~Over~~ ~~SMS/Email~~ & ~~more~~.
14
15	== Description ==
16
17	- Google Authenticator - Two-Factor (WP 2FA / OTP) - ~~Provides secure login to WordPress. This plugin can be configured for any TOTP-based/OTP Login 2fa methods like Duo/Microsoft/Google Authenticator. It supports OTP login based 2fa methods.~~

18
19	- ~~USERS~~ ~~DON'T~~ ~~REQUIRE~~ ~~ACCESS~~ ~~TO THE WORDPRESS DASHBOARD TO SET UP~~ 2FA ~~making~~ it ~~extremely~~ ~~easy~~ ~~and~~ ~~secure to implement.~~
20
21	- Check out following video to configure google authenticator as a ~~2fa~~:
22
23	[youtube https://youtu.be/_nkMCkxLcIs]
24
25	[Features](https://plugins.miniorange.com/2-factor-authentication-for-wordpress-wp-2fa?utm_source=wordpress&utm_medium=readme+link&utm_campaign=last+June#key-features) \| [7 day Premium trial](https://plugins.miniorange.com/wordpress-2fa-free-trial-request)
26
27	- = [Google Authenticator - ~~Two step verification/~~ 2 Factor Authentication/ WP 2FA] =
28	- * QR Code authentication, [Push Notification](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-user-registration-login-form), [Soft Token](https://developers.miniorange.com/docs/security/wordpress/wp-security/step-by-setup-guide-to-set-up-miniorange-soft-token) and [Security Questions(KBA)](https://developers.miniorange.com/docs/security/wordpress/wp-security/step-by-setup-guide-to-set-up-security-question) for multi-factor authentication(WP 2FA/MFA).
29	- * Language Translation Support.
30	- * [User Profile ~~2fa~~](https://plugins.miniorange.com/how-to-set-up-2-factor-from-wordpress-user-profile-section)~~: Administrators can set up Two-Factor (2FA) of users via WordPress users section~~
31	- * Multi Factor Authentication(MFA)~~: This feature can be used to invoke any two-factor method on login among multiple methods which were configured. You can configure multiple TOTP/OTP Login based 2fa methods that can be used as a~~ backup 2fa method
32	- * Two-Factor Authentication ( TFA/2FA ) for Ajax login forms like User Pro, [login with ajax](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-login-with-ajax-form), [Theme my login](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-theme-my-login-form), etc.
33	- * [Passwordless login](https://developers.miniorange.com/docs/security/wordpress/wp-security/passwordless-login) ~~and login with phone number~~
34	- * [Prevent account sharing](https://security.miniorange.com/restricting-users-from-sharing-their-login-credentials/): Google Authenticator(WP 2FA) is OTP login based method which restricts users from sharing WordPress login credentials ~~which help to secure WordPress Websites~~. The Google authenticator plugin also adds a session control feature that limits user sessions based on WordPress User activities.
35	- * ~~This~~ plugin Supports standard TOTP
36	- * Two-Factor Authentication (WP 2FA/TFA) allows authentication on the login page itself for [Google Authenticator](https://developers.miniorange.com/docs/security/wordpress/wp-security/google-authenticator) & [miniOrange Soft Token](https://developers.miniorange.com/docs/security/wordpress/wp-security/step-by-setup-guide-to-set-up-miniorange-soft-token).
37	- * 3 users free for lifetime.
38	- * [Multiple Login Options](https://docs.miniorange.com/documentation/login-username-2nd-factor-2): Username + password + two-factor (or) Username + two-factor i.e. [Passwordless login /Login without password /Password free authentication](https://developers.miniorange.com/docs/security/wordpress/wp-security/passwordless-login).
39	* Recovery codes in case you are locked out for all Two-Factor Authentication (WP 2FA/TFA)
40	- * Mobile verification ~~- two step verification~~ (WP 2FA/TFA) using authentication methods like [Google Authenticator](https://developers.miniorange.com/docs/security/wordpress/wp-security/google-authenticator), QR code authentication, etc.
41
42	= Apps Supported by the two-factor authentication (2FA / MFA) plugin =
43	* [Google Authenticator](https://developers.miniorange.com/docs/security/wordpress/wp-security/google-authenticator)
	@@ -53,17 +54,17 @@ Check out following video to configure google authenticator as a 2fa:
53	We are experts in the field of security and have released advanced WordPress solutions such as [Password Policy Manager]([https://plugins.miniorange.com/password-policy-manager?utm_source=wordpress&utm_medium=readme+link&utm_campaign=last+June]).
54	Apart from this, we also have [Broken Link Checker]([https://plugins.miniorange.com/broken-link-checker-finder?utm_source=wordpress&utm_medium=readme+link&utm_campaign=last+June]) to scan detect and fix your broken links to keep your site functioning smoothly.
55
56	- = User Identity Verification or multi-factor authentication with Google Authenticator =
57	- Login and Registration: Verify users on login with different TOTP ~~Login~~ methods & other OTP/~~2fa~~ methods like [~~OTP~~ ~~over~~ ~~SMS~~](https://developers.miniorange.com/docs/security/wordpress/wp-security/step-by-setup-guide-to-set-up-otp-over-sms), [~~OTP~~ ~~Over~~ ~~Email~~](https://developers.miniorange.com/docs/security/wordpress/wp-security/otp_over_email), [OTP ~~Over~~ Telegram](https://developers.miniorange.com/docs/security/wordpress/wp-security/otp-over-telegram), [Google Authenticator](https://developers.miniorange.com/docs/security/wordpress/wp-security/google-authenticator), SMS Verification, [Email Verification](https://developers.miniorange.com/docs/security/wordpress/wp-security/email_verification), [Authy Authenticator](https://youtu.be/fV-VnC_5Q5c), [Duo Authenticator](https://youtu.be/AZnBjf_E2cA), [Microsoft Authenticator](https://developers.miniorange.com/docs/security/wordpress/wp-security/microsoft-authenticator), TOTP Based ~~Authenticator~~, [Security Questions](https://developers.miniorange.com/docs/security/wordpress/wp-security/step-by-setup-guide-to-set-up-security-question), and many others.
58	- ~~Users will receive an~~ OTP ~~at the time of registration which will be used to verify their identity. OTP~~ authentication can be done via either of the [OTP Login](https://plugins.miniorange.com/wp-2fa-otp-based-2fa-methods) methods(~~OTP~~ ~~Over~~ ~~email~~ or via ~~OTP~~ ~~over~~ ~~SMS~~).
59
60	- = Plugin Integrations and Support for all methods of two-factor authentication~~/two~~ ~~step verification~~ ( WP 2FA~~/TFA/OTP~~ ~~Authentication~~ ) =
61	- Our plugin is ~~integrated~~ with [popular ~~Plugins~~](https://plugins.miniorange.com/2-factor-authentication-for-wordpress-wp-2fa#integrations) such as [WooCommerce](https://developers.miniorange.com/docs/security/wordpress/wp-security/2fa_on_woocomerce_login), [Ultimate member](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-ultimate-member-login-form), [User Registration](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-user-registration-login-form), [Restrict Content Pro](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-restrict-content-pro-login-form), [Login Press](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-login-press-login-form), [Registration Magic](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-registrationmagic-form), [Admin Custom Login](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-admin-custom-login-form), [Buddy Press](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-buddypress-login-form), [Theme My Login](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-theme-my-login-form), [Elementor Pro](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-elementor-pro-login-form), [Profile Builder](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-profile-builder-login-form), [Login With Ajax](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-login-with-ajax-form) and many more.
62
63	- = Third Party Custom SMS Gateway for OTP Over SMS( OTP Login~~/two-factor~~ ~~authentication / 2FA~~ ) =
64	- The premium plugin supports any third-party custom SMS Gateway. If you don't have your SMS gateway you can use miniOrange gateway and send SMS(OTP over SMS) ~~all over the world~~ for ~~OTP~~ authentication.
65	- [Here](https://plugins.miniorange.com/sms-email-gateways-supported-by-2fa-plugin) are some famous gateways supported for two-factor (WP 2FA/~~TFA/~~OTP).
66	- [Test your ~~Gateway~~](https://login.xecurify.com/moas/login?redirectUrl=https://login.xecurify.com/moas/admin/customer/smsconfig)
67
68	= Why do you need to register for google authenticator? =
69	Google authenticator uses miniOrange APIs to communicate between your WP and miniOrange. To keep this communication secure, we ask you to register and assign API keys specific to your account. This way your account and users’ calls can be only accessed by API keys assigned to you.
	@@ -71,11 +72,10 @@ Google authenticator uses miniOrange APIs to communicate between your WP and min
71
72	= Google Authenticator ( WP 2FA - two-factor authentication ) All Inclusive Plugin Features =
73
74	- * [Google Authenticator - Two-Factor Authentication (WP 2FA/TFA)](https://plugins.miniorange.com/2-factor-authentication-for-wordpress-wp-2fa?utm_source=wordpress&utm_medium=readme+link&utm_campaign=last+June) for all users and ~~all user~~ roles ( Site-based pricing )
75	- * Two-Factor Authentication Methods: [Google Authenticator](https://developers.miniorange.com/docs/security/wordpress/wp-security/google-authenticator), [Authy Authenticator](https://youtu.be/fV-VnC_5Q5c), [Microsoft Authenticator](https://developers.miniorange.com/docs/security/wordpress/wp-security/microsoft-authenticator), [LastPass Authenticator](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-user-registration-login-form), [Security Questions](https://developers.miniorange.com/docs/security/wordpress/wp-security/step-by-setup-guide-to-set-up-security-question), OTP Authentication( ~~OTP~~ ~~Over~~ ~~Email~~ & ~~OTP~~ ~~Over~~ ~~SMS~~), Email Verification, Mobile Verification ( SMS credits need to be purchased ~~as per the need~~)
76	- * [Multiple Login Options](https://docs.miniorange.com/documentation/login-username-2nd-factor-2): Username + password + two-factor (or) Username + two-factor i.e. Passwordless login /Login without password /Password free authentication. You can opt between a password and 2FA or only a second factor.
77	* Unlimited Email transactions
78	- * Backup Method: KBA (Security Questions), ~~OTP~~ ~~Over~~ ~~Email~~, Backup codes.
79	* [User role based redirection after Login](https://docs.miniorange.com/documentation/custom-redirect-login-url)
80	* [Customize account name in Google Authenticator app](https://docs.miniorange.com/documentation/google-authenticator-app-name)
81	* [Custom Security Questions (KBA)](https://docs.miniorange.com/documentation/custom-security-questions)
	@@ -83,26 +83,23 @@ Google authenticator uses miniOrange APIs to communicate between your WP and min
83	* [Force Two-factor for users](https://docs.miniorange.com/documentation/enforce-2fa-users)
84	* [Email notification to users asking them to set up Two-Factor Authentication (WP 2FA/TFA)](https://docs.miniorange.com/documentation/want-send-email-notification-users-setting-2-factor)
85	* [Set Privacy Policy for users](https://docs.miniorange.com/documentation/privacy-policy-site)
86	- * [Remember Device to skip ~~2fa~~](https://docs.miniorange.com/documentation/remember-my-device)
87	* Customizable Login UI Popup: Using google authenticator plugin you can customize the user interface of the login popup as per your preference.
88	* Multisite compatible (only 3 subsites)
89
90	= Google Authenticator ( WP 2FA / OTP ) Enterprise Plugin Features =
91
92	* [Google Authenticator - Two-Factor Authentication](https://plugins.miniorange.com/2-factor-authentication-for-wordpress-wp-2fa?utm_source=wordpress&utm_medium=readme+link&utm_campaign=last+June) - 2FA for Users as per the upgrade ( User-based pricing )
93	- * Available Authentication Methods: [Google Authenticator](https://developers.miniorange.com/docs/security/wordpress/wp-security/google-authenticator), [Authy Authenticator](https://youtu.be/fV-VnC_5Q5c), [Microsoft Authenticator](https://developers.miniorange.com/docs/security/wordpress/wp-security/microsoft-authenticator), [LastPass Authenticator](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-user-registration-login-form), QR Code, [Push Notification](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-user-registration-login-form), [Soft Token](https://developers.miniorange.com/docs/security/wordpress/wp-security/step-by-setup-guide-to-set-up-miniorange-soft-token), [Security Questions(KBA)](https://developers.miniorange.com/docs/security/wordpress/wp-security/step-by-setup-guide-to-set-up-miniorange-soft-token), OTP Authentication([~~OTP~~ ~~Over~~ ~~Email~~](https://developers.miniorange.com/docs/security/wordpress/wp-security/otp_over_email), [~~OTP~~ ~~Over~~ ~~SMS~~](https://developers.miniorange.com/docs/security/wordpress/wp-security/step-by-setup-guide-to-set-up-otp-over-sms) or OTP Over SMS and Email), [Email Verification](https://developers.miniorange.com/docs/security/wordpress/wp-security/email_verification), [Hardware Token](https://mail.google.com/mail/u/0/?fs=1&tf=cm&source=mailto&su=TWO+FACTOR+WORDRESS+-+Hardware+Token+2FA+Method+.&to=2fasupport@xecurify.com&body=I+am+interested+in+the+Hardware+Token+method+of+the+2FA+plugin.+). ( SMS and Email credits need to be purchased ~~for successful OTP authentication as per the need~~)
94	- * ~~Multiple~~ ~~Login Options~~: ~~Username~~ ~~+ password + two-factor Authentication (2FA~~) ~~or Username + two-factor authentication~~(~~2FA) i~~.e. [~~Passwordless~~ login ~~/Login~~ ~~without password~~](https://developers.miniorange.com/docs/security/wordpress/wp-security/~~passwordless~~-~~login~~).
95	- * Backup Methods: [~~KBA(Security~~ ~~Questions)](https://developers.miniorange.com/docs/security/wordpress/wp-security/step-by-setup-guide-to-set-up-security-question),~~ ~~[OTP~~ ~~Over~~ ~~Email~~](https://~~developers.miniorange.com/docs/security/wordpress/wp-security/otp_over_email), [Backup Codes](https://~~plugins.miniorange.com/~~wordpress-~~two-factor-authentication-~~setup~~-~~guides#~~).
96	- * ~~[Sync~~ ~~2fa~~ for ~~multiple~~ websites](https://plugins.miniorange.com/two-factor-authentication-2fa-for-multiple-wordpress-websites)
97	- * Multisite compatible ~~for~~ ~~all~~ ~~WordPress~~ 2FA ~~methods.~~
98	- * ~~Email~~ ~~notification~~ to ~~users~~ ~~asking~~ ~~them~~ to ~~set~~ up ~~Google~~ ~~Authenticator~~ - ~~Two-Factor~~ ~~Authentication~~ ~~(WP~~ ~~2FA/TFA).~~
99	- * [User role based redirection](https://developers.miniorange.com/docs/security/wordpress/wp-security/custom-redirect-login-url) after Login, Custom Security Questions (KBA), Customizable account name in Google Authenticator app.
100	* [Enable Two-Factor Authentication (WP 2FA/OTP) for specific Users/User Roles](https://developers.miniorange.com/docs/security/wordpress/wp-security/specific-set-authentication-methods-based-role)
101	- * Choose specific ~~2fa~~ methods for Users
102	- * ~~Add-Ons Included:~~ [RBA & Trusted Devices Management ~~Add-on~~](https://developers.miniorange.com/docs/security/wordpress/wp-security/remember-my-device), [~~Personalization~~ ~~Add-on~~](https://plugins.miniorange.com/wordpress-two-factor-authentication-setup-guides#) and [Short Codes ~~Add-on~~](https://plugins.miniorange.com/wordpress-two-factor-authentication-setup-guides#)
103	- * Brute ~~force~~ ~~attack~~ ~~prevention,~~ IP ~~Blocking~~ & ~~User~~ ~~login~~ Monitoring
104	- * File protection & strong password
105	- * Monitoring current Google Authenticator and other two-factor authentication (2 Factor) method of all the users in the plugin
106	* [Session restriction](https://plugins.miniorange.com/wordpress-two-factor-authentication-setup-guides#)
107
108	= Add Ons for two-factor authentication ( WP 2FA / OTP ) =
	@@ -111,7 +108,7 @@ Google authenticator uses miniOrange APIs to communicate between your WP and min
111	* Remember Device to skip the two-factor authentication ( 2 Factor ) from the trusted devices.
112	* Set Device Limit for the users to login
113
114	- * [~~Personalization~~ Add-on](https://plugins.miniorange.com/wordpress-two-factor-authentication-setup-guides#) Features to customize your two-factor authentication/OTP Authentication pages
115	* Custom UI of Two-Factor Authentication (WP 2FA/TFA) pop-ups
116	* Custom Email and SMS Templates
117	* Customize 'Powered by' Logo on wp 2fa authentication page
	@@ -125,9 +122,7 @@ Google authenticator uses miniOrange APIs to communicate between your WP and min
125	* On-Demand ShortCodes for specific functionalities ( like for enabling WordPress 2FA (Two-Factor authentication) for specific pages)
126
127	* [Device restriction with webauthn/ FIDO2](https://plugins.miniorange.com/passwordless-login-with-web-authentication-wordpress)
128	- Password free authentication is possible with WebAuthn.
129	-
130	- Check all the security features other than two-factor authentication ( Two step verification/OTP authentication ) here: [miniOrange Website](https://security.miniorange.com/)
131
132	<h4>Useful blog posts about two-factor authentication ( 2FA / MFA ) plugin </h4>
133	* [Beginner’s Guide: How to Add Two-Factor Authentication to WordPress](https://themeisle.com/blog/how-to-add-two-factor-authentication-to-wordpress/)
	@@ -139,8 +134,6 @@ Check all the security features other than two-factor authentication ( Two step
139
140	Customized solutions and Active support are available. Email us at info@xecurify.com or call us at +1 9786589387.
141
142	- Note: The plugin is GDPR Compliant and supports a wide variety of Language Translation
143	-
144	== Installation ==
145
146	= From your WordPress dashboard =
	@@ -182,29 +175,21 @@ If a user has not set up Two-Factor yet, the user has to register by inline regi
182
183	You can select the two-factor authentication methods under the Login Settings tab. The selected authentication methods will be shown to the user during inline registration for example if you select Google Authenticator it will be shown on login. [PREMIUM FEATURE]
184
185	- = I have a custom/front-end login page on my site and I want the look and feel to remain the same when I add 2-factor ? =
186
187	If you have a custom login form other than wp-login.php then we will provide you the shortcode. Shortcode will work only for the customized login page created from WordPress plugins. We are not claiming that it will work with all the customized login pages. In such a case, custom work is needed to integrate two-factor with your customized login page. You can submit a query in our <b>Support Section</b> in the plugin or you can contact us at info@xecurify.com for more details.
188
189	- = I ~~have~~ ~~installed~~ ~~plugins~~ ~~that~~ ~~limit~~ ~~the~~ ~~login~~ ~~attempts~~ ~~like~~ ~~Limit~~ ~~Login~~ ~~Attempt,~~ ~~Loginizer,~~ ~~Wordfence,~~ ~~etc.~~ ~~Are~~ ~~there~~ ~~any~~ ~~incompatibilities~~ with ~~these~~ ~~kinds~~ ~~of plugins?~~ =
190	-
191	- The limit login attempt kind of plugins limit the number of login attempts and block the IP temporarily. So if you are using 2 factor(WP 2fa/TFA) along with these kinds of plugins then you should increase the login attempts (minimum 5) so that you don't get locked out yourself.
192
193	- = If ~~you~~ ~~are~~ ~~using~~ ~~any~~ ~~Security~~ ~~Plugin~~ in ~~WordPress~~ ~~like~~ ~~Simple~~ ~~Security~~ ~~Firewall~~, ~~All~~ in ~~One~~ WP ~~Security~~ ~~Plugin~~ ~~and~~ ~~you~~ ~~are~~ ~~not~~ ~~able~~ to ~~login~~ ~~with~~ ~~Two-Factor~~. =
194	-
195	- Our Two-Factor plugin is compatible with most of the security plugins, but if it is not working for you. Please submit a query in our Support Section in the plugin or you can contact us at info@xecurify.com.
196
197	= If you are using any render-blocking javascript and CSS plugin like Async JS and CSS Plugin and you are not able to login with Two-Factor or your screen went blank. =
198
199	If you are using Async JS and CSS Plugin. Please go to its settings and add jquery to the list of exceptions and save settings. It will work. If you are still not able to get it right, Please submit a query in our Support Section in the plugin or you can contact us at info@xecurify.com.
200
201	- = My phone has no internet connectivity and I am entering the one time passcode from miniOrange Authenticator App during OTP login, it says Invalid OTP?
202	-
203	- Click on the <b>Settings Icon</b> on top right corner in <b>miniOrange Authenticator App</b> and then press <b>Sync button</b> under 'Time correction for codes' to sync your time with miniOrange Servers. If you still can't logged in then please email us at info@xecurify.com or <a href="https://miniorange.com/contact" target="_blank">Contact us</a>.Soft Token method is just like google authenticator method.
204	-
205	= I am upgrading my phone. =
206
207	- You should go to <b>Setup Two-Factor (2FA) </b> Tab and click on <b>Reconfigure</b> to reconfigure 2-Factor with your new phone.
208
209	== Screenshots ==
210
	@@ -215,10 +200,16 @@ You should go to <b>Setup Two-Factor (2FA) </b> Tab and click on <b>Reconfigure<
215	5. Google Authenticator (WP 2FA/OTP) - QR code 2 Factor (2FA) login
216	6. Google Authenticator (WP 2FA/OTP) - miniOrange Authenticator login
217	7. Google Authenticator (WP 2FA/OTP) - Push notification login
218	- 8. Google Authenticator (WP 2FA/OTP) - Remember device and ~~personalization~~ add-ons
219
220	== Changelog ==
221






222	= 5.6.4 =
223	* Google Authenticator - Two factor Authentication (2FA, OTP) :
224	* Bug fix - headers already sent in messages.php
	@@ -246,6 +237,12 @@ For older changelog entries, please see the [additional changelog.txt file](http
246
247	== Upgrade Notice ==
248






249	= 5.6.4 =
250	* Google Authenticator - Two factor Authentication (2FA, OTP) :
251	* Bug fix - headers already sent in messages.php
	@@ -1054,4 +1051,4 @@ More descriptive setup messages and UI changes.
1054	* Google Authenticator - Two Factor Authentication ( 2FA ): Added email ID verification during registration.
1055
1056	= 1.0.0 =
1057	- * First version of Google Authenticator - Two Factor Authentication ( 2FA ) plugin supported with mobile authentication for admins only.


1	=== miniOrange's Google Authenticator - WordPress Two Factor Authentication (2FA , Two Factor, OTP SMS and Email) \| Passwordless login ===
2
3	Contributors: twofactor, twofactorauthentication, hsn97,cyberlord92
4	+ Tags: google authenticator, two-factor, two-factor authentication, OTP Authentication, 2FA , wp 2fa, 2-factor authentication, MFA, Remember Device, OTP Over Telegram, passwordless login, email verification, Security Questions, FIDO, FIDO2, Webauthn, SMS login, OTP Over SMS and Email, OTP over Whatsapp, Whatsapp 2FA.
5	Donate link: https://miniorange.com/
6	Requires at least: 3.0.1
7	Tested up to: 6.1
8	Requires PHP: 5.3.0
9	+ Stable tag: 5.6.5
10	License: GPLv2 or later
11	License URI: http://www.gnu.org/licenses/gpl-2.0.html
12
13	+ Google Authenticator is a user-friendly plugin that allows you to add two-factor authentication (2FA) for your users to secure your site’s login page.
14
15	== Description ==
16
17	+ Google Authenticator - Two-Factor (WP 2FA / OTP) -
18	+ Secure the login page for your WordPress website using TOTP-based/OTP Login 2FA methods like Duo/Microsoft/Google Authenticator.
19
20	+ Users can set up 2FA without access to the WordPress dashboard.
21
22	+ Check out following video to configure google authenticator as a 2FA:
23
24	[youtube https://youtu.be/_nkMCkxLcIs]
25
26	[Features](https://plugins.miniorange.com/2-factor-authentication-for-wordpress-wp-2fa?utm_source=wordpress&utm_medium=readme+link&utm_campaign=last+June#key-features) \| [7 day Premium trial](https://plugins.miniorange.com/wordpress-2fa-free-trial-request)
27
28	+ = [Google Authenticator - 2 Factor Authentication/ WP 2FA] =
29	+ * QR Code authentication, [Push Notification](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-user-registration-login-form), [Soft Token](https://developers.miniorange.com/docs/security/wordpress/wp-security/step-by-setup-guide-to-set-up-miniorange-soft-token) and [Security Questions(KBA)](https://developers.miniorange.com/docs/security/wordpress/wp-security/step-by-setup-guide-to-set-up-security-question) for multi factor authentication(WP 2FA/MFA)
30	+ * Language Translation Support for French, Spanish, Italian, German and many other languages
31	+ * [User Profile 2FA](https://plugins.miniorange.com/how-to-set-up-2-factor-from-wordpress-user-profile-section)
32	+ * Multi Factor Authentication (MFA)
33	+ * Two-Factor Authentication ( TFA/2FA ) for Ajax login forms like User Pro, [login with ajax](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-login-with-ajax-form), [Theme my login](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-theme-my-login-form), etc
34	+ * [Passwordless login](https://developers.miniorange.com/docs/security/wordpress/wp-security/passwordless-login)
35	+ * [Prevent account sharing](https://security.miniorange.com/restricting-users-from-sharing-their-login-credentials/): Google Authenticator (WP 2FA) is OTP login based method which restricts users from sharing WordPress login credentials. The Google authenticator plugin also adds a session control feature that limits user sessions based on WordPress User activities
36	+ * The Google Authenticator plugin Supports standard TOTP
37	+ * Two-Factor Authentication (WP 2FA/TFA) allows authentication on the login page itself for [Google Authenticator](https://developers.miniorange.com/docs/security/wordpress/wp-security/google-authenticator) & [miniOrange Soft Token](https://developers.miniorange.com/docs/security/wordpress/wp-security/step-by-setup-guide-to-set-up-miniorange-soft-token)
38	+ * 3 users free for lifetime
39	+ * [Multiple Login Options](https://docs.miniorange.com/documentation/login-username-2nd-factor-2): Username + password + two-factor (or) Username + two-factor i.e. [Passwordless login /Login without password /Password free authentication](https://developers.miniorange.com/docs/security/wordpress/wp-security/passwordless-login)
40	* Recovery codes in case you are locked out for all Two-Factor Authentication (WP 2FA/TFA)
41	+ * Mobile verification (WP 2FA/TFA) using authentication methods like [Google Authenticator](https://developers.miniorange.com/docs/security/wordpress/wp-security/google-authenticator), QR code authentication, etc
42
43	= Apps Supported by the two-factor authentication (2FA / MFA) plugin =
44	* [Google Authenticator](https://developers.miniorange.com/docs/security/wordpress/wp-security/google-authenticator)

54	We are experts in the field of security and have released advanced WordPress solutions such as [Password Policy Manager]([https://plugins.miniorange.com/password-policy-manager?utm_source=wordpress&utm_medium=readme+link&utm_campaign=last+June]).
55	Apart from this, we also have [Broken Link Checker]([https://plugins.miniorange.com/broken-link-checker-finder?utm_source=wordpress&utm_medium=readme+link&utm_campaign=last+June]) to scan detect and fix your broken links to keep your site functioning smoothly.
56
57	+ = User Identity Verification or multi factor authentication with Google Authenticator =
58	+ Login and Registration: Verify users on login with different TOTP login methods & other OTP/2FA methods like [SMS login using OTP](https://developers.miniorange.com/docs/security/wordpress/wp-security/step-by-setup-guide-to-set-up-otp-over-sms), [Email login using OTP](https://developers.miniorange.com/docs/security/wordpress/wp-security/otp_over_email), [OTP over Telegram](https://developers.miniorange.com/docs/security/wordpress/wp-security/otp-over-telegram), [Google Authenticator](https://developers.miniorange.com/docs/security/wordpress/wp-security/google-authenticator), SMS Verification, [Email Verification](https://developers.miniorange.com/docs/security/wordpress/wp-security/email_verification), [Authy Authenticator](https://youtu.be/fV-VnC_5Q5c), [Duo Authenticator](https://youtu.be/AZnBjf_E2cA), [Microsoft Authenticator](https://developers.miniorange.com/docs/security/wordpress/wp-security/microsoft-authenticator), TOTP Based Authenticators, [Security Questions](https://developers.miniorange.com/docs/security/wordpress/wp-security/step-by-setup-guide-to-set-up-security-question), and many others.
59	+ OTP authentication can be done via either of the [OTP Login](https://plugins.miniorange.com/wp-2fa-otp-based-2fa-methods) methods (Email login using OTP or via SMS login using OTP).
60
61	+ = Plugin Integrations and Support for all methods of two-factor authentication ( WP 2FA ) =
62	+ Our plugin is compatible with [popular plugins](https://plugins.miniorange.com/2-factor-authentication-for-wordpress-wp-2fa#integrations) such as [WooCommerce](https://developers.miniorange.com/docs/security/wordpress/wp-security/2fa_on_woocomerce_login), [Ultimate member](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-ultimate-member-login-form), [User Registration](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-user-registration-login-form), [Restrict Content Pro](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-restrict-content-pro-login-form), [Login Press](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-login-press-login-form), [Registration Magic](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-registrationmagic-form), [Admin Custom Login](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-admin-custom-login-form), [Buddy Press](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-buddypress-login-form), [Theme My Login](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-theme-my-login-form), [Elementor Pro](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-elementor-pro-login-form), [Profile Builder](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-profile-builder-login-form), [Login With Ajax](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-login-with-ajax-form) and many more.
63
64	+ = Third Party Custom SMS Gateway for OTP Over SMS( OTP Login ) =
65	+ The premium Google Authenticator (WP 2FA) plugin supports any third-party custom SMS Gateway. If you don't have your SMS gateway you can use the miniOrange gateway and send SMS (OTP over SMS) for authentication.
66	+ [Here](https://plugins.miniorange.com/sms-email-gateways-supported-by-2fa-plugin) are some famous gateways supported for two-factor (WP 2FA/OTP).
67	+ [Test your gateway](https://login.xecurify.com/moas/login?redirectUrl=https://login.xecurify.com/moas/admin/customer/smsconfig)
68
69	= Why do you need to register for google authenticator? =
70	Google authenticator uses miniOrange APIs to communicate between your WP and miniOrange. To keep this communication secure, we ask you to register and assign API keys specific to your account. This way your account and users’ calls can be only accessed by API keys assigned to you.

72
73	= Google Authenticator ( WP 2FA - two-factor authentication ) All Inclusive Plugin Features =
74
75	+ * [Google Authenticator - Two-Factor Authentication (WP 2FA/TFA)](https://plugins.miniorange.com/2-factor-authentication-for-wordpress-wp-2fa?utm_source=wordpress&utm_medium=readme+link&utm_campaign=last+June) for all users and roles ( Site-based pricing )
76	+ * Two-Factor Authentication Methods: [Google Authenticator](https://developers.miniorange.com/docs/security/wordpress/wp-security/google-authenticator), [Authy Authenticator](https://youtu.be/fV-VnC_5Q5c), [Microsoft Authenticator](https://developers.miniorange.com/docs/security/wordpress/wp-security/microsoft-authenticator), [LastPass Authenticator](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-user-registration-login-form), [Security Questions](https://developers.miniorange.com/docs/security/wordpress/wp-security/step-by-setup-guide-to-set-up-security-question), OTP Authentication (Email login using OTP & SMS login using OTP), Email Verification, Mobile Verification (SMS credits need to be purchased separately)

77	* Unlimited Email transactions
78	+ * Backup Method: KBA (Security Questions), Email login using OTP, Backup codes.
79	* [User role based redirection after Login](https://docs.miniorange.com/documentation/custom-redirect-login-url)
80	* [Customize account name in Google Authenticator app](https://docs.miniorange.com/documentation/google-authenticator-app-name)
81	* [Custom Security Questions (KBA)](https://docs.miniorange.com/documentation/custom-security-questions)

83	* [Force Two-factor for users](https://docs.miniorange.com/documentation/enforce-2fa-users)
84	* [Email notification to users asking them to set up Two-Factor Authentication (WP 2FA/TFA)](https://docs.miniorange.com/documentation/want-send-email-notification-users-setting-2-factor)
85	* [Set Privacy Policy for users](https://docs.miniorange.com/documentation/privacy-policy-site)
86	+ * [Remember Device to skip 2FA](https://docs.miniorange.com/documentation/remember-my-device)
87	* Customizable Login UI Popup: Using google authenticator plugin you can customize the user interface of the login popup as per your preference.
88	* Multisite compatible (only 3 subsites)
89
90	= Google Authenticator ( WP 2FA / OTP ) Enterprise Plugin Features =
91
92	* [Google Authenticator - Two-Factor Authentication](https://plugins.miniorange.com/2-factor-authentication-for-wordpress-wp-2fa?utm_source=wordpress&utm_medium=readme+link&utm_campaign=last+June) - 2FA for Users as per the upgrade ( User-based pricing )
93	+ * Available Authentication Methods: [Google Authenticator](https://developers.miniorange.com/docs/security/wordpress/wp-security/google-authenticator), [Authy Authenticator](https://youtu.be/fV-VnC_5Q5c), [Microsoft Authenticator](https://developers.miniorange.com/docs/security/wordpress/wp-security/microsoft-authenticator), [LastPass Authenticator](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-user-registration-login-form), QR Code, [Push Notification](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-user-registration-login-form), [Soft Token](https://developers.miniorange.com/docs/security/wordpress/wp-security/step-by-setup-guide-to-set-up-miniorange-soft-token), [Security Questions(KBA)](https://developers.miniorange.com/docs/security/wordpress/wp-security/step-by-setup-guide-to-set-up-miniorange-soft-token), OTP Authentication([Email login using OTP](https://developers.miniorange.com/docs/security/wordpress/wp-security/otp_over_email), [SMS login using OTP](https://developers.miniorange.com/docs/security/wordpress/wp-security/step-by-setup-guide-to-set-up-otp-over-sms) or OTP Over SMS and Email), [Email Verification](https://developers.miniorange.com/docs/security/wordpress/wp-security/email_verification), [Hardware Token](https://mail.google.com/mail/u/0/?fs=1&tf=cm&source=mailto&su=TWO+FACTOR+WORDRESS+-+Hardware+Token+2FA+Method+.&to=2fasupport@xecurify.com&body=I+am+interested+in+the+Hardware+Token+method+of+the+2FA+plugin.+) ( SMS and Email credits need to be purchased separately)
94	+ * Backup Methods: [KBA(Security Questions)](https://developers.miniorange.com/docs/security/wordpress/wp-security/step-by-setup-guide-to-set-up-security-question), [Email login using OTP](https://developers.miniorange.com/docs/security/wordpress/wp-security/otp_over_email), [Backup Codes](https://plugins.miniorange.com/wordpress-two-factor-authentication-setup-guides#).
95	+ * [Sync 2FA for multiple websites](https://plugins.miniorange.com/two-factor-authentication-2fa-for-multiple-wordpress-websites)
96	+ * Multisite compatible for all WordPress 2FA methods
97	+ * Email notification to users asking them to set up Google Authenticator - Two-Factor Authentication (WP 2FA/TFA)
98	+ * [User role based redirection](https://developers.miniorange.com/docs/security/wordpress/wp-security/custom-redirect-login-url) after Login, Custom Security Questions (KBA), customizable account name in Google Authenticator app

99	* [Enable Two-Factor Authentication (WP 2FA/OTP) for specific Users/User Roles](https://developers.miniorange.com/docs/security/wordpress/wp-security/specific-set-authentication-methods-based-role)
100	+ * Choose specific 2FA methods for Users
101	+ * [RBA & Trusted Devices Management](https://developers.miniorange.com/docs/security/wordpress/wp-security/remember-my-device), [White Labeling](https://plugins.miniorange.com/wordpress-two-factor-authentication-setup-guides#) and [Short Codes](https://plugins.miniorange.com/wordpress-two-factor-authentication-setup-guides#)
102	+ * Monitoring current Google Authenticator and other two-factor authentication (2 Factor) methods of all the users in the plugin


103	* [Session restriction](https://plugins.miniorange.com/wordpress-two-factor-authentication-setup-guides#)
104
105	= Add Ons for two-factor authentication ( WP 2FA / OTP ) =

108	* Remember Device to skip the two-factor authentication ( 2 Factor ) from the trusted devices.
109	* Set Device Limit for the users to login
110
111	+ * [White Labeling Add-on](https://plugins.miniorange.com/wordpress-two-factor-authentication-setup-guides#) Features to customize your two-factor authentication/OTP Authentication pages
112	* Custom UI of Two-Factor Authentication (WP 2FA/TFA) pop-ups
113	* Custom Email and SMS Templates
114	* Customize 'Powered by' Logo on wp 2fa authentication page

122	* On-Demand ShortCodes for specific functionalities ( like for enabling WordPress 2FA (Two-Factor authentication) for specific pages)
123
124	* [Device restriction with webauthn/ FIDO2](https://plugins.miniorange.com/passwordless-login-with-web-authentication-wordpress)
125	+ Password free authentication is possible with WebAuthn


126
127	<h4>Useful blog posts about two-factor authentication ( 2FA / MFA ) plugin </h4>
128	* [Beginner’s Guide: How to Add Two-Factor Authentication to WordPress](https://themeisle.com/blog/how-to-add-two-factor-authentication-to-wordpress/)

134
135	Customized solutions and Active support are available. Email us at info@xecurify.com or call us at +1 9786589387.
136


137	== Installation ==
138
139	= From your WordPress dashboard =

175
176	You can select the two-factor authentication methods under the Login Settings tab. The selected authentication methods will be shown to the user during inline registration for example if you select Google Authenticator it will be shown on login. [PREMIUM FEATURE]
177
178	+ = I have a custom/front-end login page on my site and I want the look and feel to remain the same when I add 2 factor? =
179
180	If you have a custom login form other than wp-login.php then we will provide you the shortcode. Shortcode will work only for the customized login page created from WordPress plugins. We are not claiming that it will work with all the customized login pages. In such a case, custom work is needed to integrate two-factor with your customized login page. You can submit a query in our <b>Support Section</b> in the plugin or you can contact us at info@xecurify.com for more details.
181
182	+ = If you are facing any issue while logging in with our Google Authenticator plugin or there is a conflict with any other plugin. =


183
184	+ Our Google Authenticator plugin is compatible with most of the popular plugins, but if it is not working for you, please submit a query in our Support Section in the plugin or you can contact us at info@xecurify.com.


185
186	= If you are using any render-blocking javascript and CSS plugin like Async JS and CSS Plugin and you are not able to login with Two-Factor or your screen went blank. =
187
188	If you are using Async JS and CSS Plugin. Please go to its settings and add jquery to the list of exceptions and save settings. It will work. If you are still not able to get it right, Please submit a query in our Support Section in the plugin or you can contact us at info@xecurify.com.
189




190	= I am upgrading my phone. =
191
192	+ You should go to <b>Setup Two-Factor (2FA) </b> Tab and click on <b>Reconfigure</b> to reconfigure 2 Factor with your new phone.
193
194	== Screenshots ==
195

200	5. Google Authenticator (WP 2FA/OTP) - QR code 2 Factor (2FA) login
201	6. Google Authenticator (WP 2FA/OTP) - miniOrange Authenticator login
202	7. Google Authenticator (WP 2FA/OTP) - Push notification login
203	+ 8. Google Authenticator (WP 2FA/OTP) - Remember device and white labeling add-ons
204
205	== Changelog ==
206
207	+ = 5.6.5 =
208	+ * Google Authenticator - Two factor Authentication (2FA, OTP) :
209	+ * Bug fix - Save template for notifications on email
210	+ * Bug fix - Error in SMS authentication setup through plugin dashboard
211	+ * Updated Network Security removal notice message
212	+
213	= 5.6.4 =
214	* Google Authenticator - Two factor Authentication (2FA, OTP) :
215	* Bug fix - headers already sent in messages.php

237
238	== Upgrade Notice ==
239
240	+ = 5.6.5 =
241	+ * Google Authenticator - Two factor Authentication (2FA, OTP) :
242	+ * Bug fix - Save template for notifications on email
243	+ * Bug fix - Error in SMS authentication setup through plugin dashboard
244	+ * Updated Network Security removal notice message
245	+
246	= 5.6.4 =
247	* Google Authenticator - Two factor Authentication (2FA, OTP) :
248	* Bug fix - headers already sent in messages.php

1051	* Google Authenticator - Two Factor Authentication ( 2FA ): Added email ID verification during registration.
1052
1053	= 1.0.0 =
1054	+ * First version of Google Authenticator - Two Factor Authentication ( 2FA ) plugin supported with mobile authentication for admins only.

views/twofa/setup/setup_otp_over_sms.php CHANGED Viewed

	@@ -28,7 +28,7 @@ function mo2f_configure_otp_over_sms( $user ) {
28	value="<?php echo esc_html(wp_create_nonce( "mo2f-configure-otp-over-sms-send-otp-nonce" )) ?>"/>
29
30	<div style="display:inline;">
31	- <input class="mo2f_table_textbox" style="width:200px;" type="text" name="~~verify_phone~~" id="phone"
32	value="<?php echo $user_phone ?>" pattern="[\+]?[0-9]{1,4}\s?[0-9]{7,12}"
33	title="<?php echo mo2f_lt( 'Enter phone number without any space or dashes' ); ?>"/><br>
34	<input type="submit" name="verify" id="verify" class="button button-primary button-large"


28	value="<?php echo esc_html(wp_create_nonce( "mo2f-configure-otp-over-sms-send-otp-nonce" )) ?>"/>
29
30	<div style="display:inline;">
31	+ <input class="mo2f_table_textbox" style="width:200px;" type="text" name="phone" id="phone"
32	value="<?php echo $user_phone ?>" pattern="[\+]?[0-9]{1,4}\s?[0-9]{7,12}"
33	title="<?php echo mo2f_lt( 'Enter phone number without any space or dashes' ); ?>"/><br>
34	<input type="submit" name="verify" id="verify" class="button button-primary button-large"

Google Authenticator – WordPress Two Factor Authentication (2FA) - Version 5.6.5

Version Description

Release Info

Code changes from version 5.6.4 to 5.6.5