Descripción
DB Solution – 2FA adds focused login security features to WordPress without enabling every protection automatically.
After activating the plugin, each feature remains disabled until the site owner chooses what to enable.
Available protections:
- Email-based two-factor authentication.
- Custom login URL.
- Login monitoring by email.
- Advanced Strict Mode for OTP checks.
- Manual IP and CIDR blocking.
- Login attempt log without storing passwords.
Email-based two-factor authentication requires a working WordPress email system. Before enabling it, verify that the site can send emails and that users can receive the OTP code.
Compatibility
- WordPress: 6.0 through 7.0.
- PHP: 8.2 or later. Tested on PHP 8.4.18 in the local WordPress 7 test site.
Capturas
DB Solution dashboard. 
Settings panel with separate security features. 
Security guide and credits. 
Instalación
- Upload the
db-solution-2fafolder to/wp-content/plugins/. - Activate the plugin from the WordPress Plugins screen.
- Open the DB Solution menu and enable only the protections needed by the site.
Reseñas
No hay reseñas para este plugin.
Colaboradores y desarrolladores
Este software es de código abierto. Las siguientes personas han contribuido a este plugin.
Colaboradores
Traduce “DB Solution – 2FA” a tu idioma.
¿Interesado en el desarrollo?
Revisa el código, echa un vistazo al repositorio SVN o suscríbete al registro de desarrollo por RSS.
Registro de cambios
15.13
- Fix: sanitized the AJAX option value in a way accepted by WordPress coding standards.
- Fix: preserved the login remember-me choice without reading unsanitized form data directly.
- Update: declared compatibility through WordPress 7.0 for the WordPress 7 test site.
- Update: rewrote the readme short description and description in standard English.
15.12
- Security: added a 5-attempt limit for each OTP code.
- Security: the remember-me cookie is used only when selected by the user.
15.11
- Fix: removed inline helper functions unavailable in the login context to avoid fatal errors.
15.10
- Update: added the countdown to the 2FA verification screen.
- Update: updated the email footer with the site name and plugin by Unicorn Designer.
15.9
- Update: main toggles and simple fields now save automatically without a general save button.
- Update: the manual save button remains only in the IP blocking card with the label Save blocked IPs.
15.8
- Update: redesigned the settings interface with custom cards, icons, and colors.
- Update: replaced classic WordPress tabs with pill navigation.
- Compatibility: kept the code compatible with PHP 8.3 and PHP 8.4 without PHP 8.5-only features.
15.7
- Update: removed the large header card from the settings page.
- Update: refreshed the settings design with lighter cards.
- New: added the access attempts tab with username or email, IP address, browser, date, and result.
- Security: attempted passwords are never stored in the log.
15.6
- Update: removed the global switch from the interface and public logic.
- New: added the IP blocking section with support for single IP addresses and CIDR networks.
- Update: refreshed the admin design for settings, guide, and credits.
15.5
- Update: declared compatibility through WordPress 6.9.
- Update: separated the global control from 2FA activation.
- New: added a dedicated Enable Email 2FA option.
- New: added a confirmation notice before enabling email-based 2FA.
- Fix: login monitoring works even when 2FA is not active.
- Update: rewrote guide and credits text.
15.4
- New: added Strict Mode security that locks OTP verification to IP address and user agent.
- New: added OTP expiration time setting.
- New: added settings saved confirmation message.
- Fix: sanitized server variables and inputs according to WordPress coding standards.
15.3
- Fix: moved CSS and JS to external files and enqueued them properly.
- Fix: removed the assets folder from the plugin ZIP.
15.2
- Update: renamed plugin slug, text domain, and prefixes to db-solution-2fa.
15.1.5
- Security improvements: strict sanitization and nonce checks.
- Removed the internal updater to comply with WordPress.org repository standards.
15.1.1
- Standard fix for WordPress.org compliance.
15.1.0
- Full integration into the DB Solution suite.
- New modular and modern user interface.
- Code refactoring for performance and security.
15.0.0
- Previous standalone version.