- February 2, 2021 at 6:53 pm #5199
If you click your name, near the logout, you might have noticed a new option in your profile menu. The new option is 2FA.
What is 2FA?
Two-factor authentication (2FA), sometimes referred to as two-step verification or dual-factor authentication, is a security process in which users provide two different authentication factors to verify themselves. This process is done to better protect both the user’s credentials and the resources the user can access. Two-factor authentication provides a higher level of security than authentication methods that depend on single-factor authentication (SFA), in which the user provides only one factor — typically, a password or passcode. Two-factor authentication methods rely on a user providing a password, as well as a second factor.
How to activate?
Go to your profile menu and click 2FA. After clicking this, click “Activate 2FA”, from here, you will see instructions that will help you configure 2FA.May 18, 2021 at 5:34 am #5357
May 31, 2021 at 1:05 pm #5365
- Issue in logic caused users to be unable to configure 2FA unless specifically enforced on them.
- Other bug fixes.
• Several improvements applied in how plugin settings are saved and checked (during user login).
• Better resolution used for user-entered data in wizard.
• Users are now notified to reconfigure 2FA if the 2FA method they are using is no longer allowed.
• Other improvements.
■ Bug fixes
• Users were being redirected to custom redirect before finishing the backup codes.
• Buttons were not clickable when using the front-end 2FA setup page.
• Fixed a number of browser compatibility issues (mostly better support for Safari).
• User was still asked for 2FA code even if excluded.
• Settings were not properly populated in some cases, resulting in error on admin pages.
• Other bug fixes.July 15, 2021 at 10:48 am #5422
• Refactored the way the 2FA saves and retrieves user 2FA properties.
• Other improvments.
■ Bug fixes
• User roles that contain a space can now be excluded.
• Other bug fixes.August 15, 2021 at 12:03 pm #5468
■ Bug fixes
December 4, 2021 at 11:57 pm #5788
- Fixed an issue where in some scenario accounts were locked out even if the user had 2FA configured.
- Fixed some backend system issues.
- Fixed issues with users being unable to close configuration dialog on mobile devices.
December 9, 2021 at 5:34 pm #5811
- QR code generator updated.
- New setting to allow/disallow users from using other email addresses when configuring 2FA over email.
- Bug fixes.
- User roles that contain a space can now be excluded.
April 23, 2022 at 11:10 am #6655
- Bug fixes and improvements.
May 8, 2022 at 4:12 pm #6658
- Backend changes to help with logins.
February 4, 2023 at 9:25 pm #6867
- Security fix.
- New features
- Backend feature added.
- Made alternative 2FA backup methods available in first-install wizard to give users more prominence, so users can use them.
- Conflict fixes with other functions that may occur.
- Applied several improvements to the 2FA user wizard for better UX.
- Removed redundant cron job.
- Removed redundant code (it was no longer needed due to change and improvement in functionality).
- Bug fixes
- Fixed: sends two emails when clicking the “Resend code” button.
- Added additional checks to ensure that all the “No 2FA method selected” scenarios are handled.
- Fixed a number of spelling mistakes.
- Fixed: fatal error that may occur in some cases.
- Addressed a number of PHP warnings.
- The forum ‘Site’ is closed to new topics and replies.