Secure your WordPress Administration area with 2FAS Classic plugin
Each time you log in to the WordPress admin area, you will be requested by the system to provide an additional way of authentication in the form of TOTP codes.
To secure your mobile phone from loss or apps being deleted, you can generate a list of once-off backup codes, or pin a credit card to the system, and receive codes via SMS or VMS.
2FAS is available to all users as soon as it’s installed and registered. Registration is needed because the 2FAS Classic plugin communicates with the powerful 2FAS API.
That gives an opportunity to make authentications, send text messages, make automated voice calls and many more.
If you want to go beyond the basic plugin. Go for our upgraded plugin 2FAS Prime. Advantages of 2FAS Prime plugin:
– No registration required
– Easy to set up
– Simple to use
If you use 2FAS Authenticator App, the 2nd stage of user verification can be carried out by confirming the login on your phone without the need to re-type the token in the browser (Push Notifications).
2FA Authenticator can be configured for any TOTP based Authentication Method for providing an additional layer of security of Two Factor Authentication(2FA).
2FAS plugin works perfectly with 2FAS Authenticator app but supports also other 2FA apps based on TOTP (Time-Based One-Time Password).
Get instant protection against:
It happens that the encrypted password for the portal is hacked due to outdated software or plugins. It is only a matter of time before the encoded hash password will be decrypted and will appear online. You don’t have to worry about it if you use the 2FAS Classic plugin. Even if the attacker knows your password, he still has to enter the one-time token generated by 2FAS App to gain access to your account.
Many people use the same password or a similar password for many online services. ‘Weak’ and repeatedly used passwords remain a major cybersecurity vulnerability. You effectively reduce that risk when you carefully choose your passwords and enable Two Factor Authentication with the 2FAS Prime plugin.
Phishing and keylogger attacks
Enable the 2FAS Classic to protect your WordPress site and make sure that the devices used by you or other users are completely free of keyloggers and viruses.
Any password discovery attempt is useless with 2FAS. Without your token generated by the 2FAS app or other 2FA app., conventional access to your WordPress site is almost impossible.
For more information check out our website at https://2fas.com
If you need our support, please contact us at email@example.com
- Log in to your WordPress administration area and go to the “Plugins” menu option on the left side.
- Click the “Add New” button at the top of the page.
- Search for “2FAS Classic” and click the “Install Now” button.
- When 2FAS successfully installs, click the “Activate Plugin” link.
- Go to the 2FAS Dashboard menu option and create 2FAS account.
- Follow the steps of the plugin wizard (scan the QR code and provide your token in order to verify it).
- That’s it! Now your WordPress administration area is protected by 2FAS.
- PHP 5.6 or newer (PHP 7.3 or newer is recommended)
- PHP extensions: cURL, GD, Multibyte String and OpenSSL
- WordPress 4.2 or newer (WordPress 5.7 or newer is recommended)
- A database user must have privileges for creating and deleting tables
Important notice: 2FAS plugin is not compatible with multisite mode.
If you have any problems with the installation, please contact us at firstname.lastname@example.org
Why do I need the 2FAS Classic plugin?
If you’re not completely sure your devices or ones used by your sub-users are completely free of keyloggers and viruses, then it is a great solution.
Without the token generated by your smartphone, any password discovery attempt will be useless with 2FAS Classic plugin.
Do I need to enter a token each time I log in to the WordPress admin?
No, it is not necessary. You can mark browser on your computer or mobile device as trusted. With trusted web browsers and devices, you don’t need to enter a verification code each time you sign in.
What do I need to do to start using the 2FAS Classic plugin?
The most common way to use the 2FAS plugin is to configure your smartphone to generate tokens. We recommend installing 2FAS Authenticator app but you can download any Time-based One-time Password (TOTP) app.
2FAS Authenticator app largely speeds up the verification process and makes it much more convenient, as it enables you to log in by one click on your mobile, without the need of retyping the code.
You also need to have an account on 2fas.com (you can do it during plugin configuration).
What should I do when I lose my phone/delete the app?
You may always use our 2FAS Backup. It is a feature of 2FAS App that allows you to backup your Secret Keys safely and anonymously on your cloud. This backup method is completely secure and no one except you has access to your keys.
In case you lose or damage your phone you simply install 2FAS App on your new device and turn the 2FAS Backup feature on to get access to your Keys. That way you will never get locked out of your accounts.
What methods can I use as a second factor?
In general, our plugin offers four authentication methods: TOTP app, offline code, text message, and an automated voice call. TOTP is the primary method and the other are backup methods. You can use them if you don’t have access to a mobile application.
Is it free?
It is completely free if you’re using tokens (TOTP, e.g. for 2FAS Authenticator app).
If you’d like to use text messaging or voice call, you need to create an account at 2fas.com and see our pricing, since prices vary depending on cell phone carriers. We charge only for the messages that are sent (authentication).
2FAS plugin sends to our API data which is important to provide website security and high quality technical support. Below you can find what kind of data is being sent:
– Website URL with the name and version of the WordPress installation
– PHP version
– 2FAS plugin version
– Browser name
This data is necessary in order to provide technical support.
Contributors and Developers
“2FAS Classic – Two Factor Authentication” is open source software. The following people have contributed to this plugin.Contributors
Interested in development?
3.2.0 (Dec. 1, 2021)
- Removed push notifications
3.1.0 (Oct. 17, 2021)
- Add deprecation info
3.0.6 (Sep. 6, 2021)
- Removed old migration
- Updated Account SDK to 4.3
3.0.5 (Jun. 21, 2021)
- Added user migration to 2FAS Prime plugin
3.0.4 (Mar. 29, 2021)
- Update plugin name
3.0.3 (Feb. 8, 2021)
- Upgrade cookies support
- Check adblocker when sending Push Notification