説明
無料で簡単に使える WordPress 用の2要素認証プラグイン
Add an extra layer of security to your WordPress website login page and its users. Enable two-factor authentication (2FA), the best protection against users using weak passwords, and automated password guessing and brute force attacks.
Features | Getting Started | 14-Day Premium Trial
WP 2FA plugin を使えば、WordPress 管理者ユーザーに2要素認証 (2FA) を有効化し、サイトのすべてまたは一部のユーザーに対して使用を強制ができます。このプラグインはとても簡単に使えます。わかりやすい解説のあるウィザードがあり、技術者が手助けしなくても非技術者が 2FA 設定を完了できるようになっています。
WP White Security がメンテナンス・サポートしています
WP White Security builds high-quality WordPress security & admin plugins such as WPassword, and WP Activity Log, the #1 user-rated activity log plugin for WordPress.
Browse our list of WordPress security plugins to see how our plugins can help you better manage and improve the security of your WordPress websites and users.
WP 2FA 主要なプラグイン機能・ケーパビリティ
- 無料で2要素認証 (2FA) をすべてのユーザーに
- Supports multiple 2FA methods
- Universal 2FA app support – generate codes from Google Authenticator, Authy & any other 2FA app
- 2FA バックアップコードのサポート
- Very easy to use and simple to set up
- Use 2FA policies to enforce 2FA with a grace period
- Or require users users to instantly setup 2FA upon logging in
- Out of the box support for third party plugins such as WooCommerce and other e-commerce & membership plugins
- No WordPress dashboard access required for users to set up 2FA
- 自動パスワード推測や辞書引き攻撃に対しての保護
- And many other plugin features)
Extend the functionality of WP 2FA & automate more
- 2FA over SMS, Push notification, WhatsApp and incoming call via Authy integration
- Add trusted devices – no need for 2FA code each time you log in
- Whitelabel all the 2FA pages – for a consistent user experience
- Give the users more 2FA methods to choose from and use
- Configure different 2FA policies for different user profiles
- More alternative 2FA backup methods
- Easily get an overview of users’ 2FA setup with the reports
- And many other features
Refer to the features and benefits page to learn more about the benefits of upgrading to WP 2FA Premium.
Free and Premium Support
WP 2FA のサポートは、WordPress のサポート フォーラムで無料です。
Premium world-class support is available via email to all WP 2FA Premium users.
Note: paid customer support is given priority and is provided via one-to-one email and over the phone. Upgrade to Premium to benefit from priority support.
その他の質問やフィードバックしたい方、または単にご連絡をご希望の方は、お問い合わせフォームをご利用ください。
As Featured On:
関連リンク・技術文書
- The benefits of using 2FA on WordPress
- 2FA – what is Two-factor authentication
- Why you need both 2FA & strong passwords
- Setting up Google authenticator for WordPress 2FA
- 対応 2FA アプリの一覧
- The definitive guide to WordPress Security
- Official WP 2FA plugin website
WordPress 内から
- 「プラグイン → 新規追加」にアクセス
- ‘WP 2FA’ を検索
- 「プラグイン」ページから WP 2FA をインストール・有効化
手動で
- WordPress プラグイン レポジトリからプラグインをダウンロード
- パッケージを解凍して、
wp-2faフォルダを/wp-content/plugins/ディレクトリにアップロードしてください。 - WordPress の「プラグイン」メニューから WP 2FA プラグインを有効化してください
スクリーンショット
The first-time install wizard allows you to setup 2FA on your website and for your user within seconds. 
The wizards make setting up 2FA very easy, so even non technical users can setup 2FA without requiring help. 
You can require users to enable 2FA and also give them a grace period to do so. 
Users can also use one-time codes via email as a two-factor authentication method. 
ポリシーを使用して、ユーザーに 2FA を即座に設定して使用するように要求でき、次回ログインしたときに、これが表示されます。 
It is recommended for all users to also generate backup codes, in case they cannot access the primary device. 
In the user profile users only have a few 2FA options, so it is not confusing for them and everything is self explanatory. 
The plugin blocks the accounts of users who are required to have 2FA but fail to enable it within the grace period, so they do not jeopardize the security of your website.
評価
2022年10月4日
I do not get a veryfication E-Mail from the plugin to log in.
2022年9月9日
I want to report this plugin will trigger firewall loged your "/wp-login.php?action=validate_2fa" as a failed login(even you got the right username and password), if they can fix it , this will more help.
2022年9月2日
I installed it on two sites and set it up to receive an email. On one of them, after two days it was not sending the code. When I went to the support forum I saw that this was a recurring problem. And it's coming from the plugin itself, because the smtp server works perfectly.
2022年7月13日
WP 2FA is a fantastic way of helping to secure your Wordpress website.
And the support is great, too.
2022年7月8日
We ran into a bug when using this plugin and the support folks and the lead developer dug in and solved it right away. One of the best support experiences we've had.
2022年6月22日
Installed this plugin years ago and was very satisfied.
However since today I could not enter my site anymore. Got a message that I only can enter my site after upgrading to the 'PRO' version.
Took me 2 hours to get access to my own site again. Deleting the plugin was not enough. the plugin installed three other files -which I found too- enabling me to access my own site.
I think this plugin in general should be deleted from the WordPress repository.
貢献者と開発者
変更履歴
2.3.0 (2022-09-06)
Release notes: More white labelling options & better licensing
-
New features
- Added a new plugin setting so admins can disable the 2FA wizards styling.
-
Improvements
- Several UI and styling improvements in the plugin’s settings pages.
- User’s 2FA configuration is removed when user is excluded.
- Applied improved and responsive styling to the user 2FA wizards.
- Better out-of-the-box support for websites on which access to wp-login.php & wp-admin is blocked.
- Super administrators can now log in and use 2FA even if they do not have any role on any sub sites.
- Added support for websites hosted on Godaddy that also have the Sucuri plugin enabled (Sucuri plugin was breaking the 2FA code page).
- Better UX for when creating the front-end 2FA page settings.
- Updated the Freemius SDK to version 2.4.5 to support PHP 8.1.
- Applied several updates to the “user 2FA status check” code for more reliable status reporting.
- Applied several maintenance and WP coding standards checks.
- Plugin bails out early instead of trying to process users with ID 0.
- Placeholders in plugin settings have been replaced by onces which allow you to see all the content without scrolling.
- Improved the process that extracts the user role on multisite networks resulting in improvement of how the plugin handles users with multiple roles.
- Rmoved the words “Google Authenticator” from all the wizards and using “2FA app” instead – plugin supports multiple 2FA apps.
- Fixed the “focus” in the user 2FA wizard so the cursor is always in the expected location – user does not have to click to select where to enter the verification code.
-
Security Improvement
- Plugin now uses the WordPress salts to store and encrypt 2FA data in the database.
- Improved the comparison of authentication codes – ensuring the plugin is not vulnerable to time-based side-channel attacks.
-
Bug fixes
- Fixed: QR code not loading in user 2FA wizard in some edge cases on a multisite network.
- Fixed: the setting “Hide Remove 2FA button” was not properly reflecting the status on multisite networks.
- Fixed: grace period check cron called the wrong settings.
- Fixed: two emails are sent when a backup code over email is requested.
- Fixed: incorrect 2FA methods count was showing in the user wizard.
Refer to the complete plugin changelog for more detailed information about what was new, improved and fixed in previous version updates of WP 2FA.