
Log or alert on failed 2FA codes

Open jeffpaul opened this issue 3 years ago • 3 comments

Logging a placeholder issue from insight shared by @georgestephanis after finding a related tweet on this topic... We should fire off a log or alert to site admins on any failed 2FA code. Or an error_log or something. So if someone has a password but is trying to brute force a code, it can get caught.

jeffpaul, Sep 20 '22 02:09

I extended the Two_Factor_Provider class, adding a function to log the failure:

https://github.com/WordPress/two-factor/blob/3b694493bb52ba64f286279bd88e5dbedaffaf18/providers/class-two-factor-provider.php#L75-L106

And added it to TOTP:

https://github.com/WordPress/two-factor/blob/3b694493bb52ba64f286279bd88e5dbedaffaf18/providers/class-two-factor-totp.php#L290-L304

Now, other providers can use it.

I guess using error_log isn't the best way, though.

Lucisu, Oct 04 '22 03:10
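To make the shape of the idea concrete, here is an added illustration (not the plugin's code, and not the linked commit) of a provider base class that records a failed code and a TOTP-style subclass that calls it; every class, method, hook and transient name below is an assumption modelled on the comment above, not the project's API. It goes beyond plain error_log by also firing a hook that admin or SIEM code can subscribe to and by counting failures per user so a burst of bad codes can be flagged.

```php
<?php
// Added illustration (not the plugin's code). Class, method, hook and transient
// names are assumptions; only error_log and the WP transient/action functions are real.

abstract class Example_Two_Factor_Provider {
    const FAILURE_THRESHOLD = 5;                     // failures before a brute-force hook fires
    const FAILURE_WINDOW    = 15 * MINUTE_IN_SECONDS; // counter lifetime

    abstract public function get_key();
    abstract protected function is_valid_code( WP_User $user, $code );

    // Record one failed 2FA code: log it, notify subscribers, and count it per user.
    protected function log_failure( WP_User $user, $reason = '' ) {
        $ip = isset( $_SERVER['REMOTE_ADDR'] )
            ? sanitize_text_field( wp_unslash( $_SERVER['REMOTE_ADDR'] ) )
            : 'unknown';

        error_log( sprintf( 'two-factor: failed %s code for user #%d (%s) from %s: %s',
            $this->get_key(), $user->ID, $user->user_login, $ip, $reason ) );

        $key   = 'example_2fa_failures_' . $user->ID;   // hypothetical transient name
        $count = (int) get_transient( $key ) + 1;
        set_transient( $key, $count, self::FAILURE_WINDOW );

        // Hypothetical hooks: alerting lives in a subscriber, not in the provider.
        do_action( 'example_two_factor_code_failed', $user, $this->get_key(), $count, $ip );
        if ( $count >= self::FAILURE_THRESHOLD ) {
            do_action( 'example_two_factor_brute_force_suspected', $user, $count, $ip );
        }
    }

    protected function clear_failures( WP_User $user ) {
        delete_transient( 'example_2fa_failures_' . $user->ID );
    }
}

class Example_Two_Factor_Totp extends Example_Two_Factor_Provider {
    public function get_key() { return 'totp'; }

    // Stand-in for the real TOTP check (assumed); real code verifies against the user's secret.
    protected function is_valid_code( WP_User $user, $code ) {
        return apply_filters( 'example_two_factor_totp_is_valid', false, $user, $code );
    }

    public function validate_authentication( WP_User $user, $code ) {
        if ( ! $this->is_valid_code( $user, $code ) ) {
            $this->log_failure( $user, 'invalid or expired code' );
            return false;
        }
        $this->clear_failures( $user ); // a success resets the per-user counter
        return true;
    }
}
```

A site could then `add_action( 'example_two_factor_brute_force_suspected', ... )` to email an admin or write to a dedicated audit log, without each provider having to know how alerts are delivered.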

Related: #476 would be a good follow-up to this IMO

iandunn, Oct 19 '22 17:10