Title: Brightery Secure 2FA Author: Brightery Published: 23 aprilie 2026 Last modified: 23 aprilie 2026 --- Caută module ![](https://ps.w.org/brightery-secure-2fa/assets/icon-256x256.png?rev=3513593) # Brightery Secure 2FA De [Brightery](https://profiles.wordpress.org/brighterycom/) [Descarcă](https://downloads.wordpress.org/plugin/brightery-secure-2fa.1.0.0.zip) * [Detalii](https://ro.wordpress.org/plugins/brightery-secure-2fa/#description) * [Recenzii](https://ro.wordpress.org/plugins/brightery-secure-2fa/#reviews) * [Instalare](https://ro.wordpress.org/plugins/brightery-secure-2fa/#installation) * [Dezvoltare](https://ro.wordpress.org/plugins/brightery-secure-2fa/#developers) [Suport](https://wordpress.org/support/plugin/brightery-secure-2fa/) ## Descriere Brightery Secure 2FA adds a strong second login step for WordPress accounts while staying lightweight in runtime. Features: * Authenticator app (TOTP) support. * Passkeys / WebAuthn support for Touch ID, Face ID, Windows Hello, fingerprint readers, and device PIN. * Role-based enforcement: require selected user groups to enroll. * Forced enrollment page to block protected users until they configure security. * Backup codes. * Encrypted TOTP secret storage using WordPress salts. * Login throttling for repeated primary-login and second-factor failures. * Lightweight audit logs stored inside WordPress options. * Email alerts for enrollment changes and lockouts. * Trusted devices so users can skip 2FA on approved browsers for a limited period. * CSV export for security logs. * Advanced log filters and search. * Custom labels for trusted devices and passkeys. * Optional revocation of other sessions after security changes. * Optional blocking of WordPress application passwords for protected / 2FA-enabled users. * Lightweight runtime: the plugin mostly runs on login, profile, AJAX, settings pages, WooCommerce account pages, and authenticated REST requests. ### Important Notes * HTTPS is required for passkeys in production. * This build is optimized for normal interactive WordPress logins and admin access enforcement. * Passkey attestation trust-chain validation is intentionally not enforced in order to remain lightweight and dependency-free. The plugin still validates challenge, origin, RP ID hash, user presence, optional user verification, signature, and signature counter. * This lightweight build supports ES256 passkeys. * TOTP setup includes a local QR-code renderer so the setup secret stays on your own WordPress site during enrollment. * The plugin stores account-security data such as trusted-device records, passkey metadata, security logs, and a limited recent login-context history. * A privacy-policy suggestion plus WordPress personal-data exporter and eraser integrations are included. * There are no non-GPL third-party runtime libraries bundled with this plugin; the distributed JavaScript and CSS files are included as human-readable source. ### Security Model * TOTP secrets are encrypted before storing in user meta. * Backup codes are stored hashed. * Passkeys verify origin, RP ID hash, challenge, signature, and signature counter. * Rate limiting helps slow repeated login and 2FA guessing attempts. * The plugin can require passkey user verification for biometric/PIN-backed sign- in. ### Privacy Brightery Secure 2FA stores security-related account data so it can protect logins and help administrators investigate suspicious access. The plugin adds suggested privacy-policy text to WordPress and registers personal-data exporter/eraser callbacks for the data it stores. ### Source Code and Licensing * All distributed plugin PHP, JS, and CSS files are included as human-readable source. * The local QR renderer is bundled directly in `assets/js/bs2fa-qr.js` as readable source code. * No non-GPL runtime libraries are required for normal plugin operation. ## Instalare 1. Upload the ZIP in WordPress Plugins > Add New > Upload Plugin. 2. Activate „Brightery Secure 2FA”. 3. Go to Settings > Brightery Secure 2FA. 4. Select allowed methods and the user roles that must use 2FA. 5. Ask each protected user to finish setup from Profile or 2FA Setup. ## Recenzii Nu există nicio verificare pentru acest modul. ## Contributori și dezvoltatori „Brightery Secure 2FA” este un software open-source. La acest modul au contribuit următoarele persoane. Contributori * [ Brightery ](https://profiles.wordpress.org/brighterycom/) [Tradu „Brightery Secure 2FA” în limba ta.](https://translate.wordpress.org/projects/wp-plugins/brightery-secure-2fa) ### Te interesează dezvoltarea? [Răsfoiește codul](https://plugins.trac.wordpress.org/browser/brightery-secure-2fa/), vezi [depozitarul SVN](https://plugins.svn.wordpress.org/brightery-secure-2fa/), sau abonează-te la [jurnalul de dezvoltare](https://plugins.trac.wordpress.org/log/brightery-secure-2fa/) prin [RSS](https://plugins.trac.wordpress.org/log/brightery-secure-2fa/?limit=100&mode=stop_on_copy&format=rss). ## Istoric modificări #### 1.0.0 * Initial release. ## Meta * Versiunea **1.0.0** * Ultima actualizare **Acum 2 săptămâni** * Instalări active: **Mai puțin de 10** * Versiune WordPress ** 6.2 sau mai recentă ** * Testat până la **6.9.4** * Versiune PHP ** 7.4 sau mai recentă ** * Limbă * [English (US)](https://wordpress.org/plugins/brightery-secure-2fa/) * Etichete * [2FA](https://ro.wordpress.org/plugins/tags/2fa/)[authentication](https://ro.wordpress.org/plugins/tags/authentication/) [security](https://ro.wordpress.org/plugins/tags/security/) * [Vizualizare avansată](https://ro.wordpress.org/plugins/brightery-secure-2fa/advanced/) ## Evaluări Nu a fost trimisă nicio recenzie până acum. [Your review](https://wordpress.org/support/plugin/brightery-secure-2fa/reviews/#new-post) [Vezi toate recenziile](https://wordpress.org/support/plugin/brightery-secure-2fa/reviews/) ## Contributori * [ Brightery ](https://profiles.wordpress.org/brighterycom/) ## Suport Ai ceva de zis? Ai nevoie de ajutor? [Vezi forumul pentru suport](https://wordpress.org/support/plugin/brightery-secure-2fa/)