Configify 2FA

Configify 2FA adds flexible two-factor authentication to every important action on your WordPress site, all configurable from a single settings page. Choose from Google Authenticator (TOTP), Math CAPTCHA, or Google reCAPTCHA v2/v3 to match your audience's needs.

• Google Authenticator (TOTP) works with Google Authenticator, Authy, Microsoft Authenticator, 1Password, Bitwarden, and any TOTP-compatible app
• Math CAPTCHA server-side arithmetic challenge, no external dependencies, works offline
• Google reCAPTCHA v2 checkbox and v3 invisible score-based
• Protects login, registration, forgot password, change and reset password, and comment submission
• Full WooCommerce integration hooks into WooCommerce login, registration, lost password, and account password change
• Security Audit Dashboard logs every 2FA event with username, IP, user agent, and timestamp, exportable to CSV
• Brute-force lockout blocks repeated failures by user and IP
• Trusted Device Memory skip 2FA on verified devices for a configurable number of days, admin-revocable per user
• Email OTP fallback sends a 6-digit code if a user has not set up their authenticator app yet
• Per-role enforcement apply 2FA to specific roles only such as Administrators, Editors, or any custom role
• No data sent to Configify servers, fully self-contained
• Complete uninstall cleanup, all plugin data removed on deletion