Additional menu

Get MemberPress today! Start getting paid for the content you create! Get MemberPress Now
  1. Home
  2. Knowledge Base
  3. Add-ons
  4. Third-Party
  5. 2 Factor Authentication Integration by Plugin Contributors

2 Factor Authentication Integration by Plugin Contributors

This documentation will show you how to install and activate 2-factor authentication for your MemberPress site. It will also explain how to make it so that the member is required to use 2-factor authentication to be able to log in.

Installation:

MemberPress already has the integration built in, so nothing needs to be activated within MemberPress.

First, you must go to WordPress > Plugins > Add New page and search for “Two-factor“. Once the plugins pull up, you will want to install the plugin called Two-factor by Plugin Contributors:

Once installed, all you need to do is activate it and everything will be set up. 

Using 2 Factor Authentication:

Your members will now see a Two Factor Authentication menu item on their Account page:

After clicking the menu item, they will have 3 different options for 2-factor authentication:

  • Email: This option will send the member an email with a verification code each time they try to log in.
  • Time Based One-Time Password(TOTP): This option will send a code to a device that has scanned the QR code each time the member tries to log in.
  • Backup Verification Codes: This option creates 10 verification codes that can be saved somewhere safe in case the member needs a code to log in and doesn't have a way to retrieve the other 2 options.

Note: There is also a fourth option that can show up in WP_DEBUG is set to true. It will be an option titled “Dummy Method”.

Forcing Members to Use 2-Factor Authentication:

The options above are only optional at this point, but if you want to force your members to use 2-factor authentication, some code is needed. You can enter this code in your functions.php file or in a plugin like the WPCode plugin (please check this article for details: How to add custom code snippets in WPCode): 

function mepr_disable_auto_login($auto_login, $membership_id, $mepr_user) {
  return false;
}
add_filter('mepr-auto-login', 'mepr_disable_auto_login', 3, 3);

function memberpress_two_factor_primary_provider_for_user($provider, $user_id) {
  if (empty($provider)) {
    return 'Two_Factor_Email';
  }
  return $provider;
}
add_filter('two_factor_primary_provider_for_user', 'memberpress_two_factor_primary_provider_for_user', 1, 2);

function memberpress_two_factor_enabled_providers_for_user($enabled_providers, $user_ID) {
  if (!in_array('Two_Factor_Email', $enabled_providers)) {
    $enabled_providers[] = 'Two_Factor_Email';
  }
  return $enabled_providers;
}
add_filter('two_factor_enabled_providers_for_user', 'memberpress_two_factor_enabled_providers_for_user', 1, 2);

Note: This code (above) will only enforce the confirmation email 2FA authentication method. The member will still have the option to enable the other methods from within their account page.

Was this article helpful?

Related Articles

computer girl

Get MemberPress today!

Start getting paid for the content you create.