This documentation will show you how to install and activate 2-factor authentication for your MemberPress site. It will also explain how to make it so that the member is required to use 2-factor authentication to be able to log in.
Installation:
MemberPress already has the integration built in, so nothing needs to be activated within MemberPress.
First, you must go to WordPress > Plugins > Add New page and search for “Two-factor“. Once the plugins pull up, you will want to install the plugin called Two-factor by Plugin Contributors:
Once installed, all you need to do is activate it and everything will be set up.
Using 2 Factor Authentication:
Your members will now see a Two Factor Authentication menu item on their Account page:
After clicking the menu item, they will have 3 different options for 2-factor authentication:
- Email: This option will send the member an email with a verification code each time they try to log in.
- Time Based One-Time Password(TOTP): This option will send a code to a device that has scanned the QR code each time the member tries to log in.
- Backup Verification Codes: This option creates 10 verification codes that can be saved somewhere safe in case the member needs a code to log in and doesn't have a way to retrieve the other 2 options.
Forcing Members to Use 2-Factor Authentication:
The options above are only optional at this point, but if you want to force your members to use 2-factor authentication, some code is needed. You can enter this code in your functions.php file or in a plugin like the WPCode plugin (please check this article for details: How to add custom code snippets in WPCode):
function mepr_disable_auto_login($auto_login, $membership_id, $mepr_user) { return false; } add_filter('mepr-auto-login', 'mepr_disable_auto_login', 3, 3); function memberpress_two_factor_primary_provider_for_user($provider, $user_id) { if (empty($provider)) { return 'Two_Factor_Email'; } return $provider; } add_filter('two_factor_primary_provider_for_user', 'memberpress_two_factor_primary_provider_for_user', 1, 2); function memberpress_two_factor_enabled_providers_for_user($enabled_providers, $user_ID) { if (!in_array('Two_Factor_Email', $enabled_providers)) { $enabled_providers[] = 'Two_Factor_Email'; } return $enabled_providers; } add_filter('two_factor_enabled_providers_for_user', 'memberpress_two_factor_enabled_providers_for_user', 1, 2);