🎉 Use coupon MYXERO to enjoy 20% recurring discount on any plan. View Pricing
XeroWP
OOSOFT 2FA Security

OOSOFT 2FA Security

0/5 (0 ratings) — active installs Updated Apr 28, 2026
2FAotpsecuritytotptwo factor authentication
Download v1.0.2 Plugin Website

OOSOFT 2FA Security adds robust two-factor authentication to your WordPress site. Protect every login with a second verification step using a TOTP authenticator app (Google Authenticator, Authy, etc.) or a one-time code sent to your email address.

Key Features:

  • TOTP Authenticator App — compatible with Google Authenticator, Authy, Microsoft Authenticator, and any RFC 6238-compliant app.
  • Email OTP — sends a time-limited one-time code to the user’s registered email address.
  • Backup Codes — generate single-use recovery codes so users are never locked out.
  • Role-Based Enforcement — require 2FA for specific roles (e.g. administrators) while leaving it optional for others.
  • Rate Limiting — brute-force protection with configurable attempt limits and lockout periods.
  • Security Logs — detailed event logging with filterable admin view and automatic pruning.
  • Encrypted Secret Storage — TOTP secrets are encrypted at rest using libsodium (preferred) or AES-256-GCM/CBC via OpenSSL.
  • HKDF Key Derivation — encryption keys are derived from your WordPress secret keys; no raw key material is stored.