georgestephanis / two-factor
Two-Factor Authentication for WordPress.
Maintainers
Package info
github.com/WordPress/two-factor
Type:wordpress-plugin
pkg:composer/georgestephanis/two-factor
Requires
- php: >=7.2.24|^8
Requires (Dev)
- automattic/vipwpcs: ^3.0
- dealerdirect/phpcodesniffer-composer-installer: ^1.0
- phpcompatibility/phpcompatibility-wp: 3.0.0-alpha2
- phpunit/phpunit: ^8.5|^9.6
- spatie/phpunit-watcher: ^1.23
- szepeviktor/phpstan-wordpress: ^1.3
- wp-coding-standards/wpcs: ^3.3
- yoast/phpunit-polyfills: ^4.0
- dev-master
- 0.16.0
- 0.16.0-beta.1
- 0.15.0
- 0.14.2
- 0.14.1
- 0.14.0
- 0.13.0
- 0.12.0
- 0.11.0
- 0.10.0
- 0.9.1
- 0.9.0
- 0.8.2
- 0.8.1
- 0.8.0
- 0.7.3
- 0.7.2
- 0.7.1
- 0.7.0
- 0.7.0-rc.1
- 0.6.0
- 0.5.2
- 0.5.1
- 0.5.0
- 0.4.8
- 0.4.7
- 0.4.6
- 0.4.5
- 0.4.4
- 0.4.3
- 0.4.2
- 0.4.1
- 0.4.0
- 0.3.0
- 0.2.0
- dev-deploy/v0.16.0
- dev-dependabot/npm_and_yarn/multi-dc1d161b7c
- dev-dependabot/npm_and_yarn/simple-git-3.33.0
- dev-dependabot/npm_and_yarn/svgo-3.3.3
- dev-dependabot/npm_and_yarn/immutable-5.1.5
- dev-alternative/pr-741-autosubmit-tweak
- dev-copilot/sub-pr-820
- dev-fix-linter
- dev-797-ensure-configured-on-save
- dev-broadcast-events
- dev-pr-389-recrypt
- dev-dxw-feature/generate-qr-internally
- dev-core/proposal
- dev-feature/email-code-link
- dev-ux/user-configuration
- dev-fix/xmlrpc-bypass
- dev-add/totp-ajax
This package is not auto-updated.
Last update: 2026-03-30 23:05:53 UTC
README
Two-Factor plugin for WordPress. View on WordPress.org →
Description
The Two-Factor plugin adds an extra layer of security to your WordPress login by requiring users to provide a second form of authentication in addition to their password. This helps protect against unauthorized access even if passwords are compromised.
Usage
See the readme.txt for installation and usage instructions.
Contribute
Please report (non-security) issues and open pull requests on GitHub. See below for information on reporting potential security/privacy vulnerabilities.
Join the #core-passwords channel on WordPress Slack (sign up here).
To use the provided development environment, you'll first need to install and launch Docker. Once it's running, the next steps are:
git clone https://github.com/wordpress/two-factor.git
cd two-factor
npm install
npm run build
npm run env start
See package.json for other available scripts you might want to use during development, like linting and testing.
When you're ready, open a pull request with the suggested changes.
Testing
- Run
npm testornpm run test:watch.
To generate a code coverage report, be sure to start the testing environment with coverage support enabled: npm run env start -- --xdebug=coverage
To view the code coverage report, you can open a web browser, go to File > Open file..., and then select {path to two-factor}/tests/logs/html/index.html.
Deployments
Deployments to WP.org plugin repository are handled automatically by the GitHub action .github/workflows/deploy.yml. Versioned releases are deployed from Git tags under the tags directory. See the workflow for current branch/release conditions used for readme and asset updates.
Known Issues
- PHP codebase doesn't pass the WordPress coding standard checks, see #437.
Changelog
A complete listing of all notable changes are documented in CHANGELOG.md.
Credits
Created by contributors and released under GPLv2 or later.
Security
Please privately report any potential security issues to the WordPress HackerOne program.