Voozh

VOOZH

URL: https://wordpress.org/support/topic/only-protects-wp-loginphp/

⇱ Only protects /wp-login.php | WordPress.org

Skip to content

Forums / Plugin: Authenticator for WordPress / Only protects /wp-login.php

👁 Image
Jon Brown
(@jb510)

11 years, 3 months ago

Just a note. This only protects the standard /wp-login.php login screen. If your using something (membership plugin) that creates it’s own custom login, it’ll very likely by-pass 2FA.

https://wordpress.org/plugins/wp-google-authenticator/

Viewing 5 replies - 1 through 5 (of 5 total)

👁 Image
Ovidiu
(@ovidiu)

10 years, 8 months ago

Is this a statement or a question? Have you verified it?

Thread Starter 👁 Image
Jon Brown
(@jb510)

10 years, 8 months ago

Statement.

Fyi Julien is aware, not much he can do about it. I worked with Pippin (Restrict Content Pro) and there is a plugin patch on github for RCP to redirect admins to the WP-login page.

Moderator 👁 Image
Pippin Williamson
(@mordauk)

10 years, 8 months ago

I need to add support for this one too.

RCP does support https://wordpress.org/plugins/google-authenticator/ on the log in forms.

👁 Image
Ovidiu
(@ovidiu)

10 years, 8 months ago

Thanks, so if I understand this correctly, if I manage the blog and know there is no other way to login than wp-login.php I’m good to go?

👁 Image
Ovidiu
(@ovidiu)

10 years, 8 months ago

not sure if you are aware of this but there seems to be a plugin aiming to bring this into WP core: https://wordpress.org/plugins/two-factor/

Viewing 5 replies - 1 through 5 (of 5 total)

The topic ‘Only protects /wp-login.php’ is closed to new replies.

5 replies
3 participants
Last reply from: Ovidiu
Last activity: 10 years, 8 months ago
Status: not resolved