説明
無料で簡単に使える WordPress 用の2要素認証プラグイン
Add an extra layer of security to your WordPress website login page and its users. Enable two-factor authentication (2FA), the best protection against users using weak passwords, and automated password guessing and brute force attacks.
Features | Getting Started | 14-Day Premium Trial
Use the WP 2FA plugin to enable two-factor authentication for your WordPress administrator user, and to enforce your website users, or some of them to use 2FA. This plugin is very easy to use. It has wizards with clear instructions, so even non technical users can setup 2FA without requiring technical assistance.
WP White Security がメンテナンス・サポートしています
WP White Security builds high-quality WordPress security & admin plugins such as WPassword, and WP Activity Log, the #1 user-rated activity log plugin for WordPress.
Browse our list of WordPress security plugins to see how our plugins can help you better manage and improve the security of your WordPress websites and users.
WP 2FA 主要なプラグイン機能・ケーパビリティ
- 無料で2要素認証 (2FA) をすべてのユーザーに
- Supports multiple 2FA methods
- Universal 2FA app support – generate codes from Google Authenticator, Authy & any other 2FA app
- Supports 2FA backup methods
- Very easy to use and simple to set up
- Use 2FA policies to enforce 2FA with a grace period
- Or require users users to instantly setup 2FA upon logging in
- Out of the box support for third party plugins such as WooCommerce and other e-commerce & membership plugins
- No WordPress dashboard access required for users to set up 2FA
- Protection against automated password & dictionary attacks
- And many other plugin features)
Extend the functionality of WP 2FA & automate more
- 2FA over SMS, Push notification, WhatsApp and incoming call via Authy integration
- Add trusted devices – no need for 2FA code each time you log in
- Whitelabel all the 2FA pages – for a consistent user experience
- Give the users more 2FA methods to choose from and use
- Configure different 2FA policies for different user profiles
- More alternative 2FA backup methods
- Easily get an overview of users’ 2FA setup with the reports
- And many other features
Refer to the features and benefits page to learn more about the benefits of upgrading to WP 2FA Premium.
Free and Premium Support
Support for WP 2FA is free on the WordPress support forums.
Premium world-class support is available via email to all WP 2FA Premium users.
Note: paid customer support is given priority and is provided via one-to-one email and over the phone. Upgrade to Premium to benefit from priority support.
For any other queries, feedback, or if you simply want to get in touch with us please use our contact form.
As Featured On:
関連リンク・技術文書
- The benefits of using 2FA on WordPress
- What is Two-factor authentication
- Why you need both 2FA & strong passwords
- Setting up Google authenticator for WordPress 2FA
- List of supported 2FA apps
- The definitive guide to WordPress Security
- Official WP 2FA plugin website
WordPress 内から
- 「プラグイン → 新規追加」にアクセス
- ‘WP 2FA’ を検索
- 「プラグイン」ページから WP 2FA をインストール・有効化
手動で
- WordPress プラグイン レポジトリからプラグインをダウンロード
- パッケージを解凍して、
wp-2fa
フォルダを/wp-content/plugins/
ディレクトリにアップロードしてください。 - WordPress の「プラグイン」メニューから WP 2FA プラグインを有効化してください
スクリーンショット
The first-time install wizard allows you to setup 2FA on your website and for your user within seconds. The wizards make setting up 2FA very easy, so even non technical users can setup 2FA without requiring help. You can require users to enable 2FA and also give them a grace period to do so. Users can also use one-time codes via email as a two-factor authentication method. ポリシーを使用して、ユーザーに 2FA を即座に設定して使用するように要求でき、次回ログインしたときに、これが表示されます。 It is recommended for all users to also generate backup codes, in case they cannot access the primary device. In the user profile users only have a few 2FA options, so it is not confusing for them and everything is self explanatory. The plugin blocks the accounts of users who are required to have 2FA but fail to enable it within the grace period, so they do not jeopardize the security of your website.
評価
貢献者と開発者
変更履歴
2.2.1 (2022-05-02)
-
Security fix
- Fixed a reflected cross-site scripting issue in plugin’s admin page – reported by Utkarsh Agrawal.
-
Improvements
- Beefed up the escaping and filtering of all user input in the plugin’s admin pages.
2.2.0 (2022-04-14)
Release notes: 2FA with SMS, Push notifications, WhatsApp & more!
-
New features
- New setting to configure how to handle logins if an external 2FA service is unavailable during login.
-
Improvements
- Added the functionality to exclude users and roles from 2FA, regardless of the type of 2FA enforcement policy you have configured.
- Improved the function that checks which policies apply to the user logging in based on the user role (to address some inconsistencies when users’ roles are changed).
- Applied several styling tweaks to the user 2FA setup wizard and plugin settings.
- Improved the text used in the white labelling settings.
- Removed the word “WordPress” from all 2FA user wizards.
- Added more validation checks to some of the plugin settings that accept user input.
- Improved the text in several notifications to better explain the issue to the user.
- Redirects after first-time install wizard improved to better guide administrators.
-
Security Fix
- Insecure Direct Object Reference issue that allows users to disable another users’ 2FA settings through a specific URL request. Issue reported by Maycon Vitali.
-
Bug fixes
- Fixed: Fatal error caused in some edge causes, which was caused from the removal of premium code during the build process.
- Fixed: Plugin only redirecting user to a custom “after 2FA setup URL” if they generate the backup codes.
- Fixed: Addressed a PHP warning triggered during logging in when there is are no set policies -(support ticket).
- Fixed: JavaScript responsible for storing the email backup code was removed from the admin part.
Refer to the complete plugin changelog for more detailed information about what was new, improved and fixed in previous version updates of WP 2FA.