=== miniOrange's Google Authenticator - WordPress Two Factor Authentication - 2FA, Two Factor, OTP SMS and Email | Passwordless login ===

Contributors: twofactor, twofactorauthentication, hsn97, cyberlord92
Tags: google authenticator, WordPress 2FA (WP 2FA), 2FA, two-factor authentication, 2-factor authentication
Donate link: https://miniorange.com/
Requires at least: 3.0.1
Tested up to: 6.6.1
Requires PHP: 7.2.24
Stable tag: 6.0.4
License: MIT/Expat
License URI: https://docs.miniorange.com/mit-license

Google Authenticator is a user-friendly plugin that allows you to add two-factor authentication i.e, 2FA for your users to secure the WordPress login.

== Description ==
 
[Features](https://plugins.miniorange.com/2-factor-authentication-for-wordpress-wp-2fa) | [Setup Guide](https://plugins.miniorange.com/step-by-step-guide-for-wordpress-2-factor-authentication) | [Documentation](https://plugins.miniorange.com/wordpress-two-factor-authentication-setup-guides) | [Integrations](https://plugins.miniorange.com/2-factor-authentication-for-wordpress-wp-2fa#log_in_integrations) | [Contact Us](https://www.miniorange.com/contact)

**A POWERFUL & USER-FRIENDLY 2FA PLUGIN - FREE TO USE**

Secure your WordPress login by adding a security layer i.e. two-factor authentication (2FA) or two-step authentication.

Install [Two Factor Authentication - 2FA plugin](https://plugins.miniorange.com/2-factor-authentication-for-wordpress-wp-2fa) to protect your website from unauthorized access. miniOrange Google Authenticator - Two Factor Authentication (2FA) is the most feature-rich and reliable 2FA solution.
Two Factor Authentication or Two-Step Authentication secures your website against various threats like brute force attacks, dictionary attacks, and automated password guessing.

**KEY FEATURES AND CAPABILITIES OF GOOGLE AUTHENTICATOR - TWO-FACTOR AUTHENTICATION PLUGIN (2FA)**

**Two Fator Authentication plugin** supports all the TOTP Authenticator Apps. 
Here are a few examples of TOTP Authenticator apps of Two Factor Authentication - WP 2FA plugin:
 [Google Authenticator](https://plugins.miniorange.com/google-authenticator-for-wordpress-two-factor-authenticator-2fa-mfa)
 [Microsoft Authenticator](https://plugins.miniorange.com/setup-microsoft-authenticator-for-wordpress-2fa)
 [LastPass Authenticator](https://plugins.miniorange.com/how-to-setup-lastpass-authenticator-for-wordpress-2fa)
 [Duo Authenticator](https://plugins.miniorange.com/duo-authenticator-for-two-factor-authentication-wordpress)
 [Authy 2-Factor Authenticator](https://plugins.miniorange.com/authy-authenticator-setup-for-wordpress-2fa)
 FreeOTP Authenticator
 Okta Verify and many other 2FA authenticator apps.
 
In TOTP Authenticator methods of WP 2FA plugin, you get a 2FA code on the authenticator app to verify yourself during WordPress Login.

Check out the following video to configure Google authenticator as your 2FA method:

[youtube https://youtu.be/_nkMCkxLcIs]

**Two Factor Authenticator - WordPress 2FA (WP 2FA) plugin** provides multiple 2FA methods to setup two-step authentication. One of the popular being Google Authenticator. 
 
WordPress 2 factor authentication plugin very easily helps you to set up two-step authentication.
Our easy-to-follow steps of the setup wizard guide you through the process.
It makes WordPress 2FA (WP 2FA) plugin  setup simple, quick, easy, and requires no technical knowledge.
Hence, you can configure 2FA in no time and setup any two-step authentication method of your choice.


* [Two-Factor Authentication - 2FA for all user roles](https://plugins.miniorange.com/how-to-enable-role-based-2fa-for-wordpress-two-factor-authentication)
* Two-Factor Authentication (2FA) or Two-Step Authentication Methods:
  * Login with 2FA using Authenticator Apps
  * [OTP Over Email/2FA code Over email/OTP login via Email](https://plugins.miniorange.com/otp-over-email-for-wordpress-two-factor-authentication-2fa-mfa)
  * [OTP Over SMS/2FA code Over SMS/OTP login via SMS](https://plugins.miniorange.com/otp-over-sms-for-wordpress-two-factor-authentication-2fa-mfa)
  * [Email Verification via link](https://plugins.miniorange.com/how-to-setup-email-verification-for-2-factor-authentication-wordpress-2fa)
  * [OTP over Telegram](https://plugins.miniorange.com/login-with-telegram-as-a-two-factor-method-for-wordpress)
  * [Security Questions](https://plugins.miniorange.com/setup-security-questions-for-two-factor-authentication-wordpress-2fa)
* [Set 2FA method of any user from their profiles](https://plugins.miniorange.com/how-to-set-up-2-factor-from-wordpress-user-profile-section)
* Users can log in with any configured 2FA  or two-step authentication methods
* Grace Period for users to configure 2FA or two-step authentication
* 2FA or two-step authentication is supported on popular login forms
* 2FA or two-step authentication supported on popular checkout/registration forms
* 2FA for a lifetime for up to 3 users
* Login using backup codes in case you are locked out
* Language Translation Support for French, Spanish, Italian, German, and many other languages

**Maintained & Supported by miniOrange**

We are experts in the field of security and have released various advanced WordPress solutions. [Visit to learn about other WordPress products by miniOrange](https://plugins.miniorange.com/wordpress).

**PREMIUM FEATURES AVAILABLE ON UPGRADE**

* Two-Factor Authentication - 2FA for all users and user roles on your website

* Unlimited Email transactions for email-based 2FA

* [Set different 2FA or two-step authentication policies for different user roles](https://docs.miniorange.com/documentation/specific-set-authentication-methods-based-role)

* Enable/disable Two-Factor Authentication (2FA) or two-step authentication for specific Users/User Roles

* Login with backup 2FA methods: - KBA (Security Questions), OTP login using Email, and Backup codes

* [Redirect users to a custom URL after 2FA](https://docs.miniorange.com/documentation/custom-redirect-login-url)

* [Customize account name shown in 2FA Authenticator apps](https://docs.miniorange.com/documentation/google-authenticator-app-name)

* [Set custom security questions](https://docs.miniorange.com/documentation/custom-security-questions)

* [Force Two-factor authentication or two-step authentication for users](https://docs.miniorange.com/documentation/enforce-2fa-users)

* [Send email notification to users asking them to set up Two-Factor Authentication (2FA) or two-step authentication](https://docs.miniorange.com/documentation/want-send-email-notification-users-setting-2-factor)

* [Remember device to skip 2FA or two-step authentication on trusted devices](https://plugins.miniorange.com/how-to-set-remember-device-with-two-factor-authentication-2fa)

* Customize 2FA login pop-ups according to your website's theme

* 2FA supported on multisite network for up to 3 subsites

* Login with 2FA or two-step authentication using Hardware Token

* [Sync WP 2FA for multiple websites](https://plugins.miniorange.com/two-factor-authentication-2fa-for-multiple-wordpress-websites)

* Customize email notifications, and 2FA login pop-ups and use your own branding logo

* Shortcodes available to add enable/disable 2FA checkbox and reconfigure 2FA panel on user's account page

* Restrict the number of simultaneous sessions of a user

* [Passwordless login - Login without password using 2FA](https://plugins.miniorange.com/how-to-set-passwordless-login-as-a-login-screen-options-wordpress-2fa)

* 2FA or two-step authentication for popular login forms like User Pro, Login with Ajax, Theme My Login, etc 

= User Identity Verification with the Two Factor Authentication (2FA) or WordPress 2FA (WP 2FA) plugin =
**2FA on Login and Registration:** Verify users on login with different [TOTP login methods & other 2FA/OTP login methods](https://plugins.miniorange.com/wp-2fa-otp-based-2fa-methods) like OTP login using SMS, OTP login using Email, OTP over Telegram, Google Authenticator, Email Verification, Authy Authenticator, Duo Authenticator, Microsoft Authenticator and many others. Two-factor authentication on registration can be done via either of the OTP login methods (OTP authentication using Email or via OTP authentication using SMS).

= Plugin Integrations and Support for all two-factor authentication (2FA) or two-step authentication methods =
**Two Factor Authentication - WordPress 2FA plugin** is compatible with [popular plugins](https://plugins.miniorange.com/2-factor-authentication-for-wordpress-wp-2fa#integrations) such as:-

* [WooCommerce](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-woocommerce-login-form)
* [Ultimate member](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-ultimate-member-login-form)
* [Buddy Press](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-buddypress-login-form)
* [Elementor Pro](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-elementor-pro-login-form)
* [Login With Ajax](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-login-with-ajax-form) and many more.
* [User Registration](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-user-registration-login-form)
* [Restrict Content Pro](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-restrict-content-pro-login-form) 
* [Login Press](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-login-press-login-form)
* [Registration Magic](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-registrationmagic-form) 
* [Admin Custom Login](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-admin-custom-login-form)
* [Theme My Login](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-theme-my-login-form)
* [Profile Builder](https://plugins.miniorange.com/two-factor-authentication-2fa-mfa-for-profile-builder-login-form)


= Third-Party Custom SMS Gateway for OTP Over SMS - OTP Login via SMS  =
The premium Two Factor Authentication - WordPress 2FA (WP 2FA) plugin support any third-party **SMS Gateway** for OTP login via SMS method. If you don't have your SMS gateway you can use the miniOrange gateway and send SMS in OTP over SMS authentication.
[Famous SMS gateways supported by Two Factor Authentication - WordPress 2FA plugin](https://plugins.miniorange.com/sms-email-gateways-supported-by-2fa-plugin).
[Test your gateway](https://login.xecurify.com/moas/login?redirectUrl=https://login.xecurify.com/moas/admin/customer/smsconfig)

= Why do you need to register with miniOrange in the Two Factor Authentication plugin or miniOrange Google Authenticator? =
**Two Factor Authentication or WordPress 2FA (WP 2FA) plugin** uses miniOrange APIs to communicate between your WP site and miniOrange IDP. To keep this communication secure, we ask you to register and assign API keys specific to your account. This way your account and users’ calls can be accessed only by API keys assigned to you.

However, you can use most of the 2FA methods without registration. You must register yourself to use the OTP Over SMS or OTP login via SMS method.


= Useful blog posts about two-factor authentication or WordPress 2FA plugin =
* [Beginner’s Guide: How to Add Two-Factor Authentication to WordPress](https://themeisle.com/blog/how-to-add-two-factor-authentication-to-wordpress/)
* [How to Add Two-Factor Authentication i.e, WordPress 2FA using Google Authenticator](https://phppot.com/wordpress/how-to-add-wordpress-two-factor-authentication-2fa-using-google-authenticator-plugin/)
* [How to translate WordPress Two-Factor Authentication - WP 2FA](https://plugins.miniorange.com/the-plugin-translate-spanish-language-with-2-factor-wordpress)
* [Simple method to add Two-Factor Authentication in WordPress](https://wpastra.com/two-factor-authentication-wordpress/)
* [WordPress two-factor authentication – How to Setup 2FA](https://www.fixrunner.com/wordpress-two-factor-authentication/)
* [OTP over WhatsApp](https://plugins.miniorange.com/login-with-whatsapp-as-a-two-factor-method-for-wordpress)

Customized solutions and active support for the miniOrange Google Authenticator or Two Factor Authentication(2FA) plugin are available. Email us at info@xecurify.com or call us at +1 9786589387.

== Installation ==

= From your WordPress dashboard =
1. Navigate to `Plugins > Add New` from your WP Admin dashboard.
2. Search for `miniOrange 2 Factor Authentication - 2FA`or `Google Authenticator.`
3. Install `miniOrange 2 Factor Authentication - 2FA` and activate the plugin.

= From WordPress.org =
1. Search for `miniOrange 2 Factor Authentication - 2FA` and download it.
2. Unzip and upload the `miniorange-2-factor-authentication - 2FA` directory to your `/wp-content/plugins/` directory.
3. Activate miniOrange 2 Factor Authentication - 2FA from the Plugins tab of your admin dashboard.

**Video Guide** :
[youtube https://youtu.be/_nkMCkxLcIs]

== Frequently Asked Questions ==

= How do I gain access to my website if I get locked out using the Google Authenticator? =

You can obtain access to your website by one of the below options:

1. If you have an additional administrator account whose Two-Factor or 2FA is not enabled yet, you can log in with it.
2. If you had set up KBA questions as 2FA earlier, you can use them as an alternate method to log in to your website instead of the configured 2FA method.
3. Rename the plugin from FTP - this disables the Two Factor Authentication - WordPress 2FA (WP 2FA) plugin and you will be able to log in without 2FA.

For detailed information, please check on our website. <a href="https://faq.miniorange.com/knowledgebase/how-to-gain-access-to-my-website-if-i-get-locked-out/" target="_blank">Locked Out</a>.<br>
You can also check our video tutorial:
[youtube https://www.youtube.com/watch?v=wLFKakQkpk8]

= How do I enable Google Authenticator 2 Factor Authentication - 2FA as the backup method? =

You can use Google Authenticator as the backup method for your users by enabling the "Login with any configured 2FA method" or "Multi-factor Authentication" in the miniOrange two-factor authentication - 2FA plugin settings. [PREMIUM FEATURE]

= I have enabled Two Factor Authentication(2FA) or Two-step authentication for all users, what happens if an end-user tries to log in but has not yet registered? =

If a user has not set up Two Factor yet, the user will be prompted for 2FA registration on the first login.

= How can I enable only one authentication method for my users? =

You can select the specific two-factor authentication(2FA) or two-step authentication methods under the Login Settings tab. Only the selected authentication methods will be shown to the user during inline registration for example if you select Google Authenticator or any specific 2FA methods, only they will be shown on login. [PREMIUM FEATURE]

= How can I make the look and feel of custom/front-end login page on my site to remain the same when I add 2-factor authentication? =

If you have a custom login form other than wp-login.php then you can configure 2FA on your login form from the Login Form settings in the miniOrange Two Factor Authentication(2FA) plugin dashboard. We are not claiming that it will work with all the custom login pages. In such a case, custom work is needed to integrate two-factor with your customized login page. You can submit a query in our <b>Support Section</b> in the plugin or you can contact us at info@xecurify.com for more details.

= What should I do if I face any issues while logging in with the minniOrange Two Factor Authentication plugin or if there is a conflict with any other plugin?  =

Our Two Factor Authentication plugin is compatible with most popular plugins, but if it is not working for you, please submit a query in our Support Section in the plugin or contact us at info@xecurify.com.

= I am using a render-blocking javascript and CSS plugin - Async JS and CSS Plugin and I am not able to log in with Two-Factor and the screen goes blank. What should I do? =

If you are using Async JS and CSS Plugin. Please go to its settings add jQuery to the list of exceptions and save settings. It will work. If you are still not able to get it right, Please submit a query in our Support Section in the plugin or you can contact us at info@xecurify.com.

= I am upgrading my phone. What should I do to shift 2FA to my new phone? =

You should go to <b>2FA For Me</b> Tab and click on <b>Reconfigure</b> to reconfigure 2 Factor with your new phone.

== Screenshots ==

1. Google Authenticator (WP 2FA/OTP) - Setup Twofa For Me
2. Google Authenticator (WP 2FA/OTP) - Google Authenticator Setup
3. Google Authenticator (WP 2FA/OTP) - Setup and Test Google Authentication
4. Google Authenticator (WP 2FA/OTP) - 2FA Login Settings
5. Google Authenticator (WP 2FA/OTP) - Setup and Test OTP Over SMS
6. Google Authenticator (WP 2FA/OTP) - Custom Email Templates
7. Google Authenticator (WP 2FA/OTP) - Reset Users' 2FA
8. Google Authenticator (WP 2FA/OTP) - miniOrange User Account Details

== Changelog ==

= 6.0.4 =
* Improvement - Updated Login Transaction Report UX
* 2FA Pricing Plan updates

= 6.0.3 =
* Bug Fixes - Google Authentication CSS-JS loading issue in login

= 6.0.2 =
* Setup Wizard flow changes.
* Bug Fix in Setup Wizard flow.

= 6.0.1 =
* Bug fixes for UI/UX plugin release

= 6.0.0 =
* Updated UI/UX of the plugin dashboard
* Added configuration for customizations of all email notifications White Labelling > Email Templates
* Added 2FA reconfiguration link over email as a backup method
* Added Cusotm Redirect URL after login feature
* Extended grace period functionality
* Removed miniOrange Authenticator 2FA method
* Removed DUO Authenticator 2FA method
* Shifted Google Authenticator Custom App name to White Labelling > 2FA Customizations

= 5.8.4 =
* Updated jquery jquery.dataTables.min.js version to latest version
* Bug fixes- Getting error on user account creation on WooCommerce

= 5.8.3 =
* Compatibility with WordPress 6.5
* Fixed redirection issue on activation with WordPress 6.5
* Changed refund Policy link
* Updated miniOrange portal links

= 5.8.2 =
* Bug Fix- Log out the users when grace period is enabled
* Improvement- Added SMTP checks for email verification authentication
* Improvement- Updated UX for Email Verification method
* Fixed- Warnings in the error logs

= 5.8.1 =
* Bug Fix- Show backup codes to users after configuring Email Verification
* Updated UI for Google Authenticator user configuration screens
* Updated UI of Setup Wizard

= 5.8 =
* Bug fix- 2FA method was getting updated when updating a user on user-edit page
* Updated UI for OTP over SMS, OTP over Email and OTP over Telegram configuration screens
* Added Email Varification authentication method

= 5.7.5 =
* Compatibility with WordPress 6.4

= 5.7.4 =
* Bug fix- Keep end users' 2FA configuration when the plugin is deactivated
* Bug fix- Attempts left for the OTP-based methods
* Bug fix- Display App Key for Google authenticator in 2FA inline registration

= 5.7.3 =
* Bug fixes for registration forms
* Compatibility with WordPress 6.3

= 5.7.2 =
* Updated flow of 2FA on registration form
* Minor bug fixes

= 5.7.1 =
* Bug fix - Users will be able to configure/reconfigure and reset cloud methods
* Bug fix - SMS Transactions will be credited when customers register in the plugin
* Bug fix - Fixed Email Transaction sync issue
* Added Resend OTP Button in case of OTP Over SMS, OTP over Telegram, OTP over Email methods
* Improvement - Enforced reconfiguration of the alternate method after login with backup code
* Feature Improvement - The 2FA prompt will be visible in case of TOTP method has not been set for the admin
* Updated plugin dashboard UI - Added My Account tab for miniOrange User Account

= 5.7.0 =
* Code Improvements according to WPCS
* Feature Improvement - Added role-based checks for login through new IP
* Improvement - Error handling for account creation

= 5.6.6 =
* Google Authenticator - Two-factor Authentication - 2FA, OTP :
* Bug fix - redirection issue for users in a Multisite environment
* Improvements - Removed External links from Google Authenticator
* Improvements - Mobile responsiveness of setup wizard
* Improvement for SMS/Email verification on the PaidMembership Proform
* Updated Pricing plan according to new use cases 
* Updated Add SMS notification/button check
* Updated feedback form
* Advertised OTP over WhatsApp

= 5.6.5 =
* Google Authenticator - Two-factor Authentication - 2FA, OTP :
* Bug fix - Save template for notifications on email
* Bug fix - Error in SMS authentication setup through plugin dashboard
* Updated Network Security removal notice message

= 5.6.4 =
* Google Authenticator - Two-factor Authentication - 2FA, OTP :
* Bug fix - headers already sent in messages.php

= 5.6.3 =
* Google Authenticator - Two-factor Authentication - 2FA, OTP :
* Skip-2 factor option removed from the inline setup
* Backup code button will always be shown
* Added login form and theme fields in the trial request form
* CSS-JS version added for all scripts and styles respectively
* Autofocus for many input fields and submit the form when Enter is hit

= 5.6.2 =
* Google Authenticator - Two-factor Authentication - 2FA, OTP :
* Vulnerability fixes
* Removed Network Security for new users
* Updated Pricing page UI

= 5.6.1 =
* Google Authenticator - Two-factor Authentication 2FA, OTP :
* Bug fix- Headers already sent
* Added SMTP check for sending backup codes on 2fa prompt 

For older changelog entries, please see the [additional changelog.txt file](https://plugins.svn.wordpress.org/miniorange-2-factor-authentication/trunk/changelog.txt) provided with the plugin.

== Upgrade Notice ==

= 6.0.4 =
* Improvement - Updated Login Transaction Report UX
* 2FA Pricing Plan updates

= 6.0.3 =
* Bug Fixes - Google Authentication CSS-JS loading issue in login

= 6.0.2 =
* Setup Wizard flow changes.
* Bug Fix in Setup Wizard flow.

= 6.0.1 =
* Bug fixes for UI/UX plugin release

= 6.0.0 =
* Updated UI/UX of the plugin dashboard
* Added configuration for customizations of all email notifications White Labelling > Email Templates
* Added 2FA reconfiguration link over email as a backup method
* Added Cusotm Redirect URL after login feature
* Extended grace period functionality
* Removed miniOrange Authenticator 2FA method
* Removed DUO Authenticator 2FA method
* Shifted Google Authenticator Custom App name to White Labelling > 2FA Customizations

= 5.8.4 =
* Updated jquery jquery.dataTables.min.js version to latest version
* Bug fixes- Getting error on user account creation on WooCommerce

= 5.8.3 =
* Compatibility with WordPress 6.5
* Fixed redirection issue on activation with WordPress 6.5
* Changed refund Policy link
* Updated miniOrange portal links

= 5.8.2 =
* Bug Fix- Log out the users when grace period is enabled
* Improvement- Added SMTP checks for email verification authentication
* Improvement- Updated UX for Email Verification method
* Fixed- Warnings in the error logs

= 5.8.1 =
* Bug Fix- Show backup codes to users after configuring Email Verification
* Updated UI for Google Authenticator user configuration screens
* Updated UI of Setup Wizard

= 5.8 =
* Bug fix- 2FA method was getting updated when updating a user on user-edit page
* Updated UI for OTP over SMS, OTP over Email and OTP over Telegram configuration screens
* Added Email Varification authentication method

= 5.7.5 =
* Compatibility with WordPress 6.4

= 5.7.4 =
* Bug fix- Keep end users' 2FA configuration when the plugin is deactivated
* Bug fix- Attempts left for the OTP-based methods
* Bug fix- Display App Key for Google authenticator in 2FA inline registration

= 5.7.3 =
* Bug fixes for registration forms
* Compatibility with WordPress 6.3

= 5.7.2 =
* Updated flow of 2FA on registration form
* Minor bug fixes

= 5.7.1 =
* Google Authenticator - Two-factor Authentication - 2FA, OTP :
* Bug fix - Users will be able to configure/reconfigure and reset cloud methods
* Bug fix - SMS Transactions will be credited when customers register in the plugin
* Bug fix - Fixed Email Transaction sync issue
* Added Resend OTP Button in case of OTP Over SMS, OTP over Telegram, OTP over Email methods
* Improvement - Enforced reconfiguration of the alternate method after login with backup code
* Feature Improvement - The 2FA prompt will be visible in case of TOTP method has not been set for the admin
* Updated plugin dashboard UI - Added My Account tab for miniOrange User