AV 2FA

AV 2FA adds a crucial layer of security to your WordPress login process. After a user successfully enters their password, this plugin sends a unique, time-sensitive verification code to their registered email address. The user must then enter this code to complete the login, effectively protecting their account even if their password is compromised.

The plugin is designed to be lightweight, easy to use, and seamlessly integrated into the WordPress experience.

Key Features:

• Email-Based 2FA: Sends a 6-digit verification code to the user’s email.
• Custom Login URL: Hide your login page by setting a custom login slug. The default wp-login.php becomes inaccessible, protecting against brute force attacks and bots.
• Rate Limiting & Account Lockout: Protects against brute force attacks on 2FA codes with configurable thresholds and temporary lockouts.
• Progressive Lockout: Automatically increases lockout duration for repeat offenders (2x, 4x, 8x multiplier).
• IP-Based Protection: Tracks failed attempts by IP address to prevent distributed attacks.
• Email Notifications: Alerts users when their account is locked due to suspicious activity.
• Admin Controls: View and manually unlock locked accounts from the settings page.
• Customizable Code Validity: Admin can set how long the code is valid for (default is 60 seconds).
• User Exclusion List: Easily bypass 2FA for specific users (e.g., admin or integration accounts) by adding their User ID to an exclusion list.
• Countdown Timer: The verification screen displays a countdown timer to show the user how much time is left.
• Secure & Reliable: Uses WordPress’s built-in mailer and secure practices for code generation and verification.