Two-Factor Authentication Protection

2FA, short for Two-Factor Authentication, is a protection system that adds a second step to login, meant to prevent unauthorized logins. It lets users confirm their identity during authentication with a one-time generated code. These codes are generated by an app installed on a smartphone. Use the [[cw_2fa_protection]] shortcode inside the Account Endpoints section to display it in the frontend.

To set up 2FA Protection, a smartphone with Google Authenticator or Authy installed is required. These applications are recommended because of their cloud backup services, in case the smartphone is changed or lost. In the application setup stage, scan the QR code to generate temporary login codes. If the app on the phone shows the same code as the one on the page (check current authentication code), you have successfully configured your account protection.
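Why the app and the page show the same code, as an added example that is not the plugin's own code: it assumes standard time-based one-time passwords (RFC 6238 with HMAC-SHA1, a 30-second step and 6 digits), which is what Google Authenticator and Authy generate by default. The secret is the public RFC test key, and the function names, drift window and replay check are illustrative.

```python
import base64
import hashlib
import hmac
import struct

STEP = 30  # seconds per code; assumed default, not taken from the plugin

# Public test key from RFC 6238 Appendix B ("12345678901234567890"), base32-encoded
# the way a setup QR code carries the shared secret. Never use it for a real account.
RFC_TEST_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"


def totp(secret_b32, unix_time, digits=6):
    """Code that the phone app and the server each derive from the shared secret."""
    s = secret_b32.replace(" ", "").upper()
    key = base64.b32decode(s + "=" * (-len(s) % 8))
    counter = struct.pack(">Q", unix_time // STEP)       # 8-byte big-endian time step
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                              # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(secret_b32, submitted, unix_time, window=1, last_used_step=-1):
    """Return the matching time step, or None if the code is wrong or replayed.

    window: steps of clock drift tolerated on either side.
    last_used_step: highest step already accepted for this user; codes at or
    below it are rejected so a captured code cannot be used a second time.
    """
    current = unix_time // STEP
    for step_no in range(current - window, current + window + 1):
        if step_no < 0 or step_no <= last_used_step:
            continue
        if hmac.compare_digest(totp(secret_b32, step_no * STEP), submitted):
            return step_no
    return None


if __name__ == "__main__":
    code = totp(RFC_TEST_SECRET, 59)
    print("code at t=59:", code)
    print("accepted at t=65, step:", verify(RFC_TEST_SECRET, code, 65))
    print("replay:", verify(RFC_TEST_SECRET, code, 65, last_used_step=1))
```

If the two codes never match during setup, the usual cause under these assumptions is a phone or server clock that is off by more than the tolerated window.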

Activate the system using the checkbox next to the section title, then Save Changes.

Enable Protection for: depending on what type of access the account has (Administrator, Editor, Author, etc.) you can activate this feature by user role.
Enable Password Check First: verify password before 2FA code inside authentication forms.
Enable Compulsory Protection: force user roles to activate 2FA.
Enforce 2FA Activation in: define the time interval within which 2FA activation is enforced.
Hide 2FA Disable Button: by ticking this checkbox, the ability to disable 2FA is no longer present.
Redirect Link after Expiration: add the link to redirect to once the 2FA setup process has expired.
2FA Configuration Link: add link for frontend account endpoint (WooCommerce Plugin Required).
2FA Period Extension Email Subject: generic email subject for period extension, which can be personalized.
2FA Period Extension Email Content: generic email body content for period extension, which can be personalized.
Enable Trusted Devices: enable trusted devices by role; a trusted device does not require a 2FA code for a period of time.
Request New Two-Factor Code After: define time interval for which the login will not request another code.
Emergency Codes Volume: number of backup 2FA codes, in case access to smartphone app is lost.
Invalid Token Message: customize error message for situations where codes are wrongly typed in.
Invalid Emergency Token Message: customize message for the emergency code wrongly typed in.
Frontend Section Content: instructions for 2FA setup inside account endpoint (WooCommerce Plugin Required).

To remove this section's database entries, tick the Reset Section Settings checkbox and click the Save Changes button.