2 Factor Authentication Integration by Plugin Contributors

This documentation will show you how to install and activate 2-factor authentication for your MemberPress site. It will also explain how to make it so that the member is required to use 2-factor authentication to be able to log in.

Installation:

MemberPress already has the integration built in, so nothing needs to be activated within MemberPress.

First, you must go to WordPress > Plugins > Add New page and search for “Two-factor“. Once the plugins pull up, you will want to install the plugin called Two-factor by Plugin Contributors:

Once installed, all you need to do is activate it and everything will be set up. 

Using 2 Factor Authentication:

Your members will now see a Two Factor Authentication menu item on their Account page:

After clicking the menu item, they will have 3 different options for 2-factor authentication:

• Email: This option will send the member an email with a verification code each time they try to log in.
• Time Based One-Time Password(TOTP): This option will send a code to a device that has scanned the QR code each time the member tries to log in.
• Backup Verification Codes: This option creates 10 verification codes that can be saved somewhere safe in case the member needs a code to log in and doesn't have a way to retrieve the other 2 options.

Note: There is also a fourth option that can show up in WP_DEBUG is set to true. It will be an option titled “Dummy Method”.

Forcing Members to Use 2-Factor Authentication:

The options above are only optional at this point, but if you want to force your members to use 2-factor authentication, some code is needed. You can enter this code in your functions.php file or in a plugin like the WPCode plugin (please check this article for details: How to add custom code snippets in WPCode): 

function mepr_disable_auto_login($auto_login, $membership_id, $mepr_user) {
  return false;
}
add_filter('mepr-auto-login', 'mepr_disable_auto_login', 3, 3);

function memberpress_two_factor_primary_provider_for_user($provider, $user_id) {
  if (empty($provider)) {
    return 'Two_Factor_Email';
  }
  return $provider;
}
add_filter('two_factor_primary_provider_for_user', 'memberpress_two_factor_primary_provider_for_user', 1, 2);

function memberpress_two_factor_enabled_providers_for_user($enabled_providers, $user_ID) {
  if (!in_array('Two_Factor_Email', $enabled_providers)) {
    $enabled_providers[] = 'Two_Factor_Email';
  }
  return $enabled_providers;
}
add_filter('two_factor_enabled_providers_for_user', 'memberpress_two_factor_enabled_providers_for_user', 1, 2);

Note: This code (above) will only enforce the confirmation email 2FA authentication method. The member will still have the option to enable the other methods from within their account page.