This is exactly what we needed in my opinion this plugin should be merged into the core. Keep up the great work!

I am plugin developer myself and so far, i see that this plugin is best (for technical reasons) out of what i know.

it even has it’s github development.

excellent author, i appreciate.

Thanks for providing an used-to-be-good plugin. It was working great, but it isn’t now unfortunately – the email-based two-factor is no longer working, I got the error message below which exposed sensitive link on my website
Warning: call_user_func_array() expects parameter 1 to be a valid callback, function ‘wp_login_viewport_meta’ not found or invalid function name in /xxxx/xxxx/public_html/wp-includes/class-wp-hook.php on line 286

Appears that this plugin is the only one which supports multiple and all kinds of yubikey including the FIDO, I really love this feature, happy to buy this plugin if there is a premium edition to support the developer.

I’ll review my rating once this issue is fixed.

I already use it on some blogs. It is critical to protect our blogs.

Congratulations on your work.

Simple, Free, Multiple Options, and smooth. Been using on multiple demos and working well. Was previously using another one by Henrik Schack that worked well & I did like very much but had less options. This one is much more feature oriented and I like the way it auto detects users that are 2FA users so it only prompts them for the extra step. This eliminates the need for an extra plugin like « Per User Prompt ». I also like the naming convention when using it on your mobile device and how it takes the name of the site « Website Name – UserName », vs a long naming convention like « WordPress – Website Name – UserName ».

Thank you to @georgestephanis, and his team of colleagues for this plugin

– Mark

Ok, tonight I tested many two factors plugins. This one is my favorite. Just two things missing :

1 – French translation
2 – The possibility of memorizing the device on which the double authentication has been used. I would like to skip the two factor when I use same browser or same computer. Could be cool to save the devise (in database ?) and remove a device from the list.