The 2FA (Two-Factor Authentication) & Login settings within the WP SMS plugin enhance the security of your WordPress site by adding an extra layer of authentication. Below are the details of each setting in this section.
Login With SMS
Status
- Active: Check this box to enable users to log in with a verification code sent via SMS. This feature adds an additional security measure for users accessing their accounts.
Message Body
- Message Body: Here, you can specify the SMS message format for login verification. Use variables like:
{code}
: Verification Code{user_name}
: Username{full_name}
: Full Name{site_name}
: Website Name{site_url}
: Website URL
User Account Creation on Login
- Active: Select this option if a user logging in with SMS should have an account created automatically if it doesn’t already exist. This is convenient for new users to get started quickly.
Two-Factor Authentication with SMS
Status
- Active: Enable this to allow for SMS verification as part of the login process. This option ensures that even if a password is compromised, the account remains secure unless the SMS code is also known.
Authentication Policy
- Authentication Policy: Choose how the two-factor authentication is implemented:
- Optional: Users can enable/disable it in their profile settings.
- Mandatory: Every user must use two-factor authentication, with no option to disable.
Message Content
- Message Content: Define the format for the two-factor authentication SMS message. Variables include:
{otp}
: One-Time Password{user_name}
: Username{first_name}
: First Name{last_name}
: Last Name