How to configure Settings in the Quick Setup tab of the miniOrange 2FA plugin for WordPress?

3. Enable Backup Login Methods

If you face any issues during login, you can use the backup login method to successfully log in to your account.

• Go to the 2FA Configurations tab in the miniOrange 2-Factor Authentication plugin, and then click on the Quick Setup subtab.

• Go to ‘Enable Backup Login Methods’ settings. (The setting is enabled by default.)




Here, we provide three options:

1. Backup Codes

• This method is enabled by default. (If not, you can enable it by selecting the checkbox right before it and save the settings.)
• When a user logs in for the first time, they would be prompted to configure 2FA. After configuring 2FA, they will be given the option to download backup codes.
• Click on the Download Codes button to download the backup codes.



• If any user faces a problem during login with their conventional 2FA method, they will have the alternate option - Use Backup Codes - to log in.



• After clicking on it, the user sees a screen to enter the backup code. Enter one of the backup codes downloaded previously.



• The user has successfully logged in using the backup code.



2. Account Recovery Via Email Verification

• This method is enabled by default. (If not, you can enable it by selecting the checkbox right before it and save the settings.)
• If any user faces a problem during login with their conventional 2FA method, they will have the alternate option - Locked out? Click to recover your account using email verification to log in.



• After clicking on it, the user will receive an email to their registered email ID to recover their account.
• When the user clicks on the Recover your account link, they will be asked to set up 2FA again.





3. Security Questions

• To enable the Security Questions backup login method, select its checkbox.
• Then, click on the Save Settings button.



• When a user logs in for the first time, they will be prompted to configure 2FA. After completing the 2FA setup, they will be prompted to configure Security Questions (KBA) as a backup login method.
• Set up the Security Questions method and click on the Save Settings button.



• If any user faces a problem during login with their conventional 2FA method, they will have the alternate option Login with alternative 2FA method to log in.



• When the user clicks on that option, they will be asked to validate themselves by correctly answering the questions they previously set.
• Then, click on the Validation button.



• The User will be logged into the site after successful validation.

4. Enable Grace Period

In this setting, you can allow users to skip 2FA setup for a specific period of time.

• Go to the 2FA Configurations tab in the miniOrange 2-Factor Authentication plugin, and then click on the Quick Setup subtab.

• Go to the ‘Enable Grace Period’ settings and select the checkbox to enable it.
• Enter the Grace period for users to configure 2FA. (You can set this duration in hours or days.)

• Set the action to be taken after the grace period expires, and click the Save Settings button. (I have selected Enforce 2FA)

• Go to your login form, enter your login credentials, and click on the Login button. (Users are prompted to configure a two-factor method during their first login.)

• There, you will see the Skip Two Factor option.
• When the user clicks on it, they will be logged into the site. (Your grace period would start from this event.)

• Once the set Grace period expires, the Skip Two Factor option will not be available, and users have to get their 2FA method configured in order to log in to the site.