Wordpress app: Can't login to the site if there's a 2FA plugin

[fluiddot]

Following several app reviews, if the site has a plugin that enables 2FA authentication, you can't log in to the app with a user with 2FA enabled as it results in an error.

App Reviews:

• p1698441537158879-slack-C0130RXKCUU
• p1697119457887059-slack-C0130RXKCUU
• p1677277560627759-slack-C0130RXKCUU

Expected behavior

The app can log in to a site using a user with 2FA enabled via a 2FA plugin installed on the site.

Actual behavior

The app can't log in to a site using a user with 2FA enabled via a 2FA plugin installed on the site.

Steps to reproduce the behavior

1. Create a self-hosted site (e.g. create a Jurassic Ninja site).
2. Install a 2FA plugin (e.g. https://wordpress.org/plugins/wordfence/).
3. Create a new user and enable 2FA.
4. Open the app.
5. Try to add the new self-hosted site.
6. Try to log in using the credentials of the 2FA user.
7. Observe the login process fails with an error.

Tested on iPhone 11, iOS 17.0.2, WordPress iOS 25.0.

Tested on Samsung Galaxy S20 FE 5G, Android 13, WPAndroid 25.0-rc-1

[dangermattic]

Thanks for reporting! 👍

[technopagan]

Just got impacted by this after setting up "Two Factor" plugin. WP Android App can no longer login - not even with an application password.

Looks like this has been reported in 2023 already: https://github.com/wordpress-mobile/WordPress-Android/issues/19086

Will this be looked at?

[nbradbury]

@technopagan This is actually being actively worked on with a new way of logging in, but that is very much a work-in-progress and it may take some time to get it implemented.