Usama Simple 2FA Authenticator

This plugin enhances the security of your WordPress website by adding a simple but effective two-factor authentication (2FA) screen after a successful password login.

Instead of adding fields to the main login page (which can cause conflicts), this plugin waits until a user has correctly entered their username and password. Then, it intercepts the login and presents them with a clean, separate screen to enter their 6-digit code from an authenticator app (like Google Authenticator, Authy, etc.).

This method is more secure, more compatible, and provides a smoother user experience.

Features:

Secure Post-Login Verification: 2FA check happens on a separate screen, after the password is correct.

Easy Setup: A simple „Usama 2FA“ menu page for each user to scan a QR code and activate 2FA.

Backup Codes: On activation, 10 one-time-use backup codes are generated in case you lose your phone.

Regenerate Codes: You can generate new backup codes at any time from the settings page.

Lightweight & Simple: No bloat. Just the essential 2FA features.

Per-User: 2FA is enabled on a per-user basis. Administrators cannot control 2FA for other users.

External services

This plugin connects to a third-party API to generate the QR codes used during setup.

Service: goqr.me API (https://www.google.com/search?q=api.qrserver.com)

Usage: Used only once during setup to generate a QR code image that users scan with their authenticator app.

Data Sent: The API receives the user’s email address and the generated secret key (inside the OTPAuth URL) to create the image. This data is not stored by the service.

Provider: Foundata GmbH

Terms of Use: Terms of Use

Privacy Policy: Privacy Policy