描述
2-Step Verification Code
Code9 2-step verification code will add more protection to site admin area.
- Allow admin to create 2-step verification code to every user.
- Allow user to create 2-step verification code after active plugin.
- Can change 2-step verification code anytime at profile setting page.
- Blocked. if user type 2-step verification code wrong more than 4 attemps.
- Admin can force all user to type 2-step verification code again.
- Admin can active and deactive 2-step verification code anytime.
Anti Brute Force
Prevent attacker from continuous login. (Including xmlrpc.php)
* If plugin detects that there is a continuous login. Plugin will redirect user to Recapcha page before allow user to continue login.
屏幕截图
Active 2-step verification code. 
When user sign in but does not set up 2-step verification code. Plugin will force user to create new 2-step verification code. 
Confirm 2-step verification code. 
If user already setup 2-step verification code. Plugin will ask user to input 2-step verification code. 
User can change 2-step verification code anytime at profile setting page. 
User input wrong 2-step verification code. 
If user input 2-step verification code wrong more than 4 attemps. Account will locked. 
User can try 2-step verification again when locked time is up. 
Install and activate Code9 plugin. 
Prevent user to continuous login if user has repeatedly entering wrong username or password.
安装
- Upload the Code9 plugin to your site.
- Ativate plugin.
- On admin menu (left side menu of admin area) click Code9.
- Check Use 2 step sign in verification code
评价
2021年10月19日
I have install my plugin to my client websites. Uninstall other security plugins. Active 2 functions of this plugin (2-step verification, Anti brute force). The results look good.
- Website speed improve at wp-admin page.
- Hacker try to hack with xmlrpc.php has been blocked at recapcha page.
- Hacker can not pass 2-step login page.
I wish website that use this plugin will have same experience as well.
贡献者及开发者
更新日志
1.0.1
- Add function anti brute force attack.
1.0.2
- Use include functions instead of require.
1.0.3
- Downgrade plugin minimum requirement to PHP version 5.6.4 and WordPress version 4.1
- Fixed bug can’t force all user to sign out 2-step verification.
1.0.4
- Add Logs tabs to show who is trying to login to your site but fail.
1.0.5
- Show data on log tabs when attacker try to login more than 2 attempts.
1.0.6
- Add 2 step verification code blocking time setting.
1.0.7
- Extract single static file to multiple files.
1.0.8
- Remove unnecessary static file.
1.0.9
- Add design to error page when user can not pass 2-step verification.
1.0.10
- Only admin role delete_others_posts can edit setting.