Search Results :


How to use MFA with Single Sign-On (SSO) in WordPress?

Two-Factor Authentication (2FA/MFA) on Single Sign-On (SSO) provides an additional layer of security to authenticate users to access the Service Provider. The miniOrange 2-Factor Authentication plugin provides TOTP/OTP based verification, Email or Phone verification methods after SSO. By adding 2FA, even if an attacker manages to steal or guess a user's password, they will not be able to access your website without also possessing the second factor.

Furthermore, 2FA can help to protect against various types of attacks, such as phishing, social engineering, and password spraying. These types of attacks can be particularly effective against SSO, as once an attacker has obtained a user's credentials, they can access multiple applications.

You can download miniOrange 2-Factor Authentication(2FA) plugin using the following link:

This plugin can be configured for any TOTP-based/OTP Login 2fa methods like Duo/Microsoft/Google Authenticator. It supports OTP login based 2fa methods [24/7 SUPPORT]

  Tested with 6.0.1

How 2-Factor Authentication works on Moodle login using WordPress as IDP?


Install and configure SAML IDP and SAML SP plugins-

  • First, install the SAML IDP plugin on your WordPress instance.
  • Then, install the SAML SP plugin on your Moodle instance.
  • Configure WordPress as an IDP and configure Moodle as an SP (Refer to the Setup guide)

After setting up SAML IDP and SAML SP, follow the steps below to setup miniOrange 2-Factor Authentication plugin -

  • Now, install and activate the miniOrange 2-Factor Authentication plugin on your WordPress instance.
  • Go to the Moodle login page. Click on the Login with WordPress button.
  • SSO 2FA - Click button

  • You will be directed to the WordPress IDP login page.
  • Enter your login credentials and click on the Login button.
  • SSO 2FA - Click login button

  • Select the Google Authenticator method for inline registration.
  • SSO 2FA - Select Two Factor method

  • Select Google Authenticator from the ‘Choose an Authenticator app’ dropdown list.
  • Click on the respective links to install the Google Authenticator app from the Google Play Store or the App Store.
  • Now, open the Google Authenticator app on your mobile and scan the QR code from your authenticator mobile app.
  • SSO 2FA - Scan QR code

  • After that, enter the security code shown in the app for your account in the Code input field provided, click on the Verify and Save button for verification.
  • SSO 2FA - Enter verify code
  • You will be logged in successfully.

  • Again, go to your Moodle login page and click on the Login with WordPress button to test the authentication with Google Authenticator app.
  • SSO 2FA - Open Moodle login page

  • Enter your login credentials and click on the Login button.
  • SSO 2FA - enter Username and Password

  • You will be prompted to validate OTP(security code) from the Authenticator app.
  • Enter the security code shown in the authenticator app and click on the Validate button to login to the site.
  • SSO 2FA - Enter One TIme Passcode
    SSO 2FA - Open Dashboard page
  • Your account is secured now and only after verification will you be able to log in.

Additional Resources

Business Trial For Free

If you are looking for anything which you cannot find, please drop us an email on

Hello there!

Need Help? We are right here!

Contact miniOrange Support

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to