plugin-icon

Flavor 2FA

kuckovic yazdı·
Lightweight two-factor authentication that just works. Protect your WordPress site with authenticator apps or email codes in under 2 minutes.
2FA
login
security
Puanlar
İnceleme yap
Sürüm
1.0.0
Son güncellenme
Feb 17, 2026
Flavor 2FA

Flavor 2FA adds powerful two-factor authentication to your WordPress site without the complexity. No bloat, no confusing settings – just solid security that protects your site from unauthorized access.

Why Flavor 2FA?

  • Zero configuration needed – Works out of the box
  • Native WordPress styling – Feels like part of WordPress
  • Two verification methods – Authenticator apps (Google Authenticator, Authy, 1Password) or email codes
  • User-friendly setup – Guided 3-step process with QR code scanning
  • Complete admin control – Force 2FA, reset users, manage lockouts

Features

For Users: * Choose between authenticator app or email verification * 10 recovery codes for emergency access * “Trust this device” option to skip 2FA on personal devices * Simple, clean verification screens

For Admins: * Require 2FA for specific user roles * Grace period for new users * Force immediate 2FA setup on next login * Lockout protection against brute force attacks * Reset 2FA or unlock accounts with one click * See 2FA status for all users at a glance

Perfect For

  • Agencies managing client sites
  • WooCommerce stores handling sensitive data
  • Membership sites with user accounts
  • Any WordPress site that needs extra security

External services

This plugin uses a third-party service to generate QR codes during the TOTP authenticator app setup process.

QR Server API

When a user chooses the “Authenticator App” method during 2FA setup, the plugin generates a QR code image via the QR Server API. This QR code contains the TOTP secret URI (which includes the site name, user email, and secret key) so the user can scan it with their authenticator app.

  • What data is sent: A TOTP provisioning URI containing the site name, user email address, and a generated secret key.
  • When it is sent: Only once, when a user sets up TOTP-based two-factor authentication. No data is sent during normal login verification.
  • Service provider: goQR.me / QR Server
  • Service URL: https://goqr.me/api/
  • Terms of service: https://goqr.me/api/doc/
  • Privacy policy: https://goqr.me/privacy-policy/
ÜcretsizBusiness paketinde
Başlayın
Kurulum işlemini tamamlayarak, WordPress.com'un Hizmet Şartları ile Üçüncü Taraf Eklenti Şartlarını kabul etmiş olursunuz.
Test edilen son sürüm
WordPress 6.9.1
Bu eklenti, sitenizde kullanılmak üzere indirilebilir.
İndir