plugin-icon

Tiny 2FA + Brute Force Protection

By Web Guy·
A simple two-factor authentication plugin that just works.
2FA
login
MFA
Rating
Add a review
Version
0.3
Last updated
Dec 2, 2025

This is probably the 2FA plugin you’re looking for.

Secure, private, and lightweight.

Integrates into WordPress like a native feature.

Proactive vs Reactive Security

Prevents attacks instead of reacting to them. The best breach is the one that never happens.

How it Works

  1. Install and activate the plugin
  2. Go to Users > Profile > Two-Factor Authentication (near the bottom)
  3. Check the box next to “Enable 2FA” and click “Update Profile”
  4. 2FA and Backup Codes are now enabled
  5. Scan the QR code or manually enter the secret key into your auth app of choice (and be sure to rename the generic site name “2FA” to something more useful)
  6. Once successful login with a 2FA code from your app has been confirmed, you should disable Backup Codes
  7. Brute force protection is enabled by default and can be managed site-wide by admins in profile settings

Backup Codes have been rethought from the usual method you might be used to. Read more about that in the FAQ below.

Need Support?

Ask for help here.

Freeon Business plan
Get started
By installing, you agree to WordPress.com Terms of Service and Third-Party plugin Terms.
Tested up to
WordPress 6.8.3
This plugin is available for download for your site.
Download