WooCommerce Two Factor Authentication Plugin integrates seamlessly into your WooCommerce login page and implements a two-factor authentication process!
How It Works: The Authentication Workflow
Once the plugin is activated, the process is straightforward:
- When the customer accesses the login page, besides the Username and Password fields, he will also see the new OTP field and the “OTP send” button (the login button will be hidden until the OTP is sent)
- Once he entered the Username/Email and clicked the “OTP send” button, he will receive the OTP via email, and the login button will appear
- The customer can then enter the OTP and proceed with the login
WooCommerce Two Factor Authentication Plugin Features: –
The shop administrator can use the admin area to adjust the OTP notification e-mail, the subject, the error message and much more! He can also configure other parameters such as the OTP length and the validity period.
The template for the OTP area can be customized. The template files can be copied into the theme folder and then customized to your liking!
- woocommerce-two-factor-auth/templates/frontend/wc-login-form.php: this is the template used in WooCommerce login area
- woocommerce-two-factor-auth/templates/frontend/wp-login-form.php: this is the template used in WordPress admin login area
The OTP is a randomly generated string of 12 lengths. The OTP is valid for a fixed period of time (5 minutes by default) after which it expires. To prevent brute force attacks, the plugin also checks the number of attempts the user is making. By default, the OTP expires after 3 unsuccessful attempts. All parameters can be edited from the options menu.
The plugin supports the WPML translation plugin. All available texts can be adapted and translated for each installed language.