google-authenticator
google-authenticator copied to clipboard
ivankruchkoff
Don't check OTP if previous auth checks have failed, so that a more correct error message will be shown when a user with 2FA enabled enters incorrect password. Also added...
Very easy to reproduce: type in any code and it will be accepted. I'm on WP 6.2.2
Query Monitor flagged an undefined offset on line 221 in the main plugin file, `google authenticator.php` Might just need to be changed to `$user_role = $user->roles[0] ?? '';`
This is coming from our system teams: I discovered that the login users can be easily guessed which is a security concern. In order to replicate the issue do the...
I wanted to add support for Google Captcha on the secondary login screen here. It’s essentially one line of code in function secondary_login_screen() of the google-authenticator.php file. On line 650...
the field where you insert the 2FA code allows spaces. to my knowledge, no valid code would have a space in it. however, many apps insert a space to separate...
How can I track down the reason for my login always failing once I enable your google-authenticator plugin. Even though my phone clock seems to be always in sync I...
Hello Ivan, First of all, thanks for this plugin. This post is my first one on GitHub. I've 2 main suggestions that could improve your plugin and that I need...
From [https://wordpress.org/support/topic/requiring-users-to-input-code-prior-to-saving/](wp support forums) Require a user to prove they've setup the mfa correctly by entering the authenticator code before enabling it for their account.
