このプラグインは WordPress の最新3回のメジャーリリースに対してテストされていません。もうメンテナンスやサポートがされていないかもしれず、最新バージョンの WordPress で使用した場合は互換性の問題が発生する可能性があります。

Encourage User Activation for Google Authenticator

説明

The Google Authenticator plugin is a great way to add two-factor authentication to your site, but in order for it to work, users have to activate it for their account themselves. They may not know that it’s available, or may not be motivated to enable it.

This plugin helps administrators to encourage users to activate it, and has three different methods for doing that, depending on how strict you want to be:

  • Gently Nag the user: A warning message will appear at the top of the Dashboard and Profile screens, asking them to enable two-factor authentication. The message goes away when they enable it. This is the default behavior.
  • Persistently Nag the user: The warning will appear at the top of all screens until they enable two-factor auth.
  • Force the user: The warning will appear on all screens, and the user will also be prevented from doing anything inside wp-admin until they activate two-factor auth. They’re temporarily assigned the role of a Subscriber, and redirected to their profile whenever they try to access another screen. Once they enable two-factor auth, their original role is restored and they can access other screens again.
    Keep in mind that the Google Authenticator plugin doesn’t require users to enter a valid 2FA code from their phone during the activation process, so some users may not set it up correctly and lock themselves out of their account. This is unfortunate and may result in more support requests, but it’s a small price to pay for increased security.

スクリーンショット

  • Under ‘Nag’ mode, the user has normal access, but will always see a nag message.
  • Under ‘Force’ mode, the user will always be redirected to their profile, so that they can’t do anything until they enable two-factor authentication.
  • The configuration options on the General Settings page.

インストール

For help installing this (or any other) WordPress plugin, please read the Managing Plugins article on the Codex.

Once the plugin is installed and activated, you can visit the General Settings screen to choose whether users should be nagged to enable two-factor authentication, or forced to.

FAQ

Does this replace the Google Authenticator plugin?

No, this is built on top of the Google Authenticator plugin and requires it in order to work.

Can I customize the notice that’s displayed when a user doesn’t have two-factor authentication enabled?

Yes, you can use the gaeua_notice_nag and gaeua_notice_force filters. For example, you can copy and paste the following code into a functionality plugin:

add_filter( 'gaeua_notice_nag', 'gaeua_notice_nag' );
function gaeua_notice_nag( $nag ) {
    ob_start();
    ?>

        <div class="error">
            <p>
                Enter your custom message here.
            </p>
        </div>

    <?php
    $nag = ob_get_clean();

    return $nag;
}

評価

2016年9月3日
Can confirm works with WP 4.4. IMO, a necessary addition to the great Google Authenticator plugin. Thanks!
3件のレビューをすべて表示

貢献者と開発者

Encourage User Activation for Google Authenticator はオープンソースソフトウェアです。以下の人々がこのプラグインに貢献しています。

貢献者

“Encourage User Activation for Google Authenticator” をあなたの言語に翻訳しましょう。

開発に興味がありますか ?

コードを閲覧するか、SVN リポジトリをチェックするか、開発ログRSS で購読してみてください。

変更履歴

v0.2 (2017-02-26)

  • [NEW] Added a gentle nag mode, where the warning is only shown on the Dashboard and Profile screens.

v0.1 (2013-12-14)

  • [NEW] Initial release