Enable Two-factor authentication with Single Sign-on for WordPress

Enable Two-factor authentication with Single Sign-on for WordPress


By handling WordPress logins with various authentications, we aim to boost user experiences. We provide a single sign-on solution with SAML and OAuth protocols, two-factor authentication, and social login (login with third-party social accounts). We aim to make WordPress user accounts more secure and concentrate mainly on user experience in these forms of authentication.

In this case, to register with WordPress and then remember passwords to login to the WordPress account, it is better to manage multiple accounts with IDP login credentials with a single sign-on. The Single Sign-On solution enables users to login/register to a WordPress account at the end of the Identity Provider by authenticating their profile. The Provider of Identity verifies a customer and sends approval.

But, even though you've added the Single Sign-on Widget login to your WordPress, there's an alternative Username and Password login. In the case of Single Sign-On, the Identity Provider responsible for authentication is responsible, but what if the user decides to log in to the WordPress account with a username and password? Is the password enough to open an account with WordPress?

The password for an alternative WordPress login solution (Username and Password login) is not adequate to secure a user account. Adding additional WordPress login security can help minimize losses.

WordPress login page


You can download miniOrange 2-Factor Authentication(2FA) plugin using the following link:

This plugin can be configured for any TOTP-based/OTP Login 2fa methods like Duo/Microsoft/Google Authenticator. It supports OTP login based 2fa methods [24/7 SUPPORT]



What to do to overcome such security implications?

WordPress users face security problems with a single sign-on during a username and password login. So, we can add two-factor authentication with username and password on Wordpress during login. With WP login form integration, Two Factor authentication (2FA) for WordPress helps you to secure login with 15+ authentication methods.



How single sign-on and two-factor authentication works together for WordPress login?

sso 2fa GIF

How to setup Two-Factor authentication for WordPress login?


1.Install miniOrange 2-Factor Plugin

  • Login to your WordPress instance and click on Plugins > Add New.
  • 2FA with SSO - Click add new option


  • Search for the Google authenticator plugin and click on the Install Now button.
  • 2FA with SSO - Click install now


  • Now click on the Activate button.
  • 2FA with SSO - Click activate button


    2.Advanced Setting setup

  • Click on the Advanced Settings button.
  • 2FA with SSO - Select advance setting


  • Go to the Setup Two Factor tab from the navigation.
  • 2FA with SSO - Select two factor tab


  • You can see the list of Authentication methods here. Click on the Configure button OTP Over Whatsapp.
  • 2FA with SSO - Select OTP Over Whatsapp


  • Save Given phone number (+34 644179464) on your phone.
  • 2FA with SSO - Search 2fa


  • Open the WhatsApp app on your phone and send the below text to the given phone number : Message: I allow callmebot to send me a message
  • Then you will receive the API Key.
  • 2FA with SSO - Complete test


  • Enter the API key in the field beside and also enter the Phone number then click on the Verify button.
  • Enter One Time OTP which you received on the WhatsApp app and click on Validate OTP.
  • 2FA with SSO - Click validate OTP


  • 2FA Setup is successful. Click on the Test it button.
  • 2FA with SSO - Click test it


  • Enter the one-time passcode you received on your WhatsApp, and click on the Validate OTP button.
  • 2FA with SSO - Test OTP Over Whatsapp page


    2FA with SSO - Test Completed


miniOrange provides multiple authentication methods, you can setup for our WordPress domain as per your choice:



What are the add-ons related to two-factor verification?


  • Enforce two-factor verification to WordPress users during user enrollment
    With the miniOrange two-factor plugin for WordPress login, you can notify WordPress users to configure Telegram verification during inline registration so that the second security layer will get added to their WordPress account.

  • Two-factor verification compatible with Woocommerce forms
    This method of verification is compatible with almost all WordPress login forms and also with the WooCommerce form.

  • Passwordless Login with two-factor Verification
    You can set Passwordless Login to your WordPress login with no worries by setting up Telegram verification with just simple steps.

  • Customization
    miniOrange login security also provides customization options. You can customize the two-factor prompt user interface according to the design of your WordPress website.

  • Backup methods
    In case you lose your two-factor authentication ability, you will also get backup methods like an alternate two-factor method or alternate extra security solution to get back to your WordPress account.


Additional Resources



Business Trial For Free

If you are looking for anything which you cannot find, please drop us an email on 2fasupport@xecurify.com

Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com