Title: Rat Two-Factor Authentication Author: rathsh Published: 23 septembrie 2025 Last modified: 23 septembrie 2025 --- Caută module ![](https://ps.w.org/rat-two-factor-authentication/assets/banner-772x250.jpg?rev =3366509) ![](https://ps.w.org/rat-two-factor-authentication/assets/icon-256x256.jpg?rev=3366509) # Rat Two-Factor Authentication De [rathsh](https://profiles.wordpress.org/rathsh/) [Descarcă](https://downloads.wordpress.org/plugin/rat-two-factor-authentication.zip) * [Detalii](https://ro.wordpress.org/plugins/rat-two-factor-authentication/#description) * [Recenzii](https://ro.wordpress.org/plugins/rat-two-factor-authentication/#reviews) * [Instalare](https://ro.wordpress.org/plugins/rat-two-factor-authentication/#installation) * [Dezvoltare](https://ro.wordpress.org/plugins/rat-two-factor-authentication/#developers) [Suport](https://wordpress.org/support/plugin/rat-two-factor-authentication/) ## Descriere **Rat Two-Factor Authentication** is a lightweight yet powerful security plugin that adds an extra layer of protection to your WordPress site through email-based One-Time Password (OTP) verification. #### Key Features * **Email-based OTP verification** – Secure 6-digit codes sent to user’s email * **Lightweight and fast** – Minimal impact on site performance * **User-friendly interface** – Clean, responsive design that works on all devices * **Flexible settings** – Enable 2FA globally or per user * **Role-based requirements** – Require 2FA for specific user roles * **Session management** – Secure session handling with timeout protection * **AJAX-powered** – Smooth user experience without page reloads * **Auto-submit functionality** – Automatically submits form when 6 digits are entered * **Resend functionality** – Users can request new codes with cooldown protection * **Mobile-friendly** – Optimized for mobile login experiences * **Security-first** – Nonce protection, input sanitization, and secure coding practices #### How It Works 1. User enters their username and password normally 2. If 2FA is enabled, they’re redirected to an OTP verification screen 3. A 6-digit code is sent to their registered email address 4. User enters the code to complete login 5. Code expires after 10 minutes for security #### Perfect For * **Business websites** requiring enhanced security * **E-commerce stores** protecting customer accounts * **Membership sites** with sensitive user data * **Multi-author blogs** securing contributor access * **Any WordPress site** wanting better login security #### Admin Features * **Global 2FA setting** – Enable for all users * **Force 2FA option** – Make it mandatory for selected roles * **Role-based configuration** – Choose which roles require 2FA * **User profile integration** – Users can enable/disable 2FA individually * **Clean admin interface** – Easy to configure and manage #### Developer Friendly * **Well-documented code** with inline comments * **WordPress coding standards** compliant * **Hook system** for customization * **Lightweight codebase** for easy modification * **No external dependencies** – Pure WordPress integration #### Security Features * **Nonce verification** for all AJAX requests * **Input sanitization** and validation * **Secure OTP generation** using WordPress built-in functions * **Session timeout** protection (10 minutes) * **Rate limiting** on resend requests * **No plain text storage** of OTP codes ### Configuration #### Global Settings Navigate to **Settings > Two-Factor Auth** to configure: * **Enable 2FA Globally**: Turn on 2FA for all users * **Force 2FA for All Users**: Make 2FA mandatory regardless of user preference * **Required User Roles**: Select specific roles that must use 2FA #### User Settings Each user can enable/disable 2FA in their profile: 1. Go to **Users > Profile** (or **Users > Your Profile**) 2. Find the „Two-Factor Authentication” section 3. Check „Enable 2FA” to activate for that user 4. Save the profile #### Email Configuration The plugin uses WordPress’s built-in `wp_mail()` function. Ensure your site can send emails properly. Consider using: * SMTP plugins for reliable email delivery * Email services like SendGrid, Mailgun, or Amazon SES * Proper SPF/DKIM records for your domain ### Support For support, feature requests, or bug reports: * **Plugin Support**: [WordPress.org Support Forum](https://wordpress.org/support/plugin/rat-two-factor-authentication) * **Documentation**: Available in the plugin’s admin area * **Bug Reports**: Please provide detailed information about your setup ### Contributing We welcome contributions! The plugin follows WordPress coding standards and best practices. ### Privacy Policy This plugin: * Stores minimal user data (2FA preference and temporary OTP hashes)* Does not send data to external services * Uses WordPress’s built-in email system* Follows WordPress privacy guidelines * Allows data export/erasure as per GDPR requirements ### Technical Requirements * WordPress 5.0 or higher * PHP 7.4 or higher * MySQL 5.6 or higher (or equivalent MariaDB) * Ability to send emails from WordPress * Modern web browser with JavaScript enabled ### Credits Developed with ❤️ by the Rat Plugins team, focused on creating lightweight, powerful, and user-friendly WordPress plugins. ### License This plugin is licensed under the GPL v2 or later. > This program is free software; you can redistribute it and/or modify it under > the terms of the GNU General Public License as published by the Free Software > Foundation; either version 2 of the License, or (at your option) any later version. > This program is distributed in the hope that it will be useful, but WITHOUT ANY > WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR > A PARTICULAR PURPOSE. See the GNU General Public License for more details. ## Instalare #### Automatic Installation 1. Login to your WordPress admin panel 2. Navigate to Plugins > Add New 3. Search for „Rat Two-Factor Authentication” 4. Click „Install Now” and then „Activate” #### Manual Installation 1. Download the plugin zip file 2. Upload it to `/wp-content/plugins/` directory 3. Extract the zip file 4. Activate the plugin through the ‘Plugins’ menu in WordPress #### After Installation 1. Go to Settings > Two-Factor Auth 2. Configure your preferred settings 3. Enable 2FA for your user account in your profile 4. Test the functionality ## Întrebări frecvente ### Is this plugin free? Yes, Rat Two-Factor Authentication is completely free and open-source. ### Does it work with any email provider? Yes, it works with any email provider as it uses WordPress’s standard email system. ### Can I customize the email template? Yes, you can use WordPress hooks to customize the email content and styling. ### What happens if a user loses access to their email? Administrators can disable 2FA for any user from their profile page in the admin area. ### Does it work with other security plugins? Yes, it’s designed to work alongside other security plugins without conflicts. ### Is it compatible with multisite? The plugin works on multisite installations and can be configured per site. ### How secure are the OTP codes? OTP codes are generated using WordPress’s secure random functions and are hashed before storage. ### Can I change the code expiry time? Currently set to 10 minutes, but developers can modify this using plugin hooks. ### Does it support app-based authentication? This version focuses on email-based OTP. App-based authentication may be added in future versions. ### Is there a premium version? Currently, there’s only the free version with all features included. ## Recenzii Nu există nicio verificare pentru acest modul. ## Contributori și dezvoltatori „Rat Two-Factor Authentication” este un software open-source. La acest modul au contribuit următoarele persoane. Contributori * [ rathsh ](https://profiles.wordpress.org/rathsh/) [Tradu „Rat Two-Factor Authentication” în limba ta.](https://translate.wordpress.org/projects/wp-plugins/rat-two-factor-authentication) ### Te interesează dezvoltarea? [Răsfoiește codul](https://plugins.trac.wordpress.org/browser/rat-two-factor-authentication/), vezi [depozitarul SVN](https://plugins.svn.wordpress.org/rat-two-factor-authentication/), sau abonează-te la [jurnalul de dezvoltare](https://plugins.trac.wordpress.org/log/rat-two-factor-authentication/) prin [RSS](https://plugins.trac.wordpress.org/log/rat-two-factor-authentication/?limit=100&mode=stop_on_copy&format=rss). ## Istoric modificări #### 1.0.1 – 2024-12-19 * Initial release * Email-based OTP verification * User and admin interfaces * Role-based requirements * Session management * AJAX functionality * Mobile optimization * Security implementations * WordPress 6.4 compatibility ## Meta * Versiunea **1.0.1** * Ultima actualizare **Acum 8 luni** * Instalări active: **Mai puțin de 10** * Versiune WordPress ** 5.0 sau mai recentă ** * Testat până la **6.8.5** * Versiune PHP ** 7.4 sau mai recentă ** * Limbă * [English (US)](https://wordpress.org/plugins/rat-two-factor-authentication/) * Etichete * [2FA](https://ro.wordpress.org/plugins/tags/2fa/)[authentication](https://ro.wordpress.org/plugins/tags/authentication/) [otp](https://ro.wordpress.org/plugins/tags/otp/)[security](https://ro.wordpress.org/plugins/tags/security/) [two factor](https://ro.wordpress.org/plugins/tags/two-factor/) * [Vizualizare avansată](https://ro.wordpress.org/plugins/rat-two-factor-authentication/advanced/) ## Evaluări Nu a fost trimisă nicio recenzie până acum. [Your review](https://wordpress.org/support/plugin/rat-two-factor-authentication/reviews/#new-post) [Vezi toate recenziile](https://wordpress.org/support/plugin/rat-two-factor-authentication/reviews/) ## Contributori * [ rathsh ](https://profiles.wordpress.org/rathsh/) ## Suport Ai ceva de zis? Ai nevoie de ajutor? [Vezi forumul pentru suport](https://wordpress.org/support/plugin/rat-two-factor-authentication/)