=== Cloudusk 2FA – Two Factor Authentication === Contributors: cloudusk Tags: two-factor authentication, 2fa, google authenticator, security Requires at least: 6.0 Tested up to: 6.9 Requires PHP: 8.1 Stable tag: 0.0.1 License: GPLv2 or later License URI: https://www.gnu.org/licenses/gpl-2.0.html A free and lightweight two-factor authentication (2FA) plugin for WordPress using TOTP and authenticator apps. == Description == Cloudusk 2FA – Two Factor Authentication is a free and easy-to-use two-factor authentication (2FA) plugin for WordPress. It adds an extra layer of security to your WordPress login by requiring a time-based one-time password (TOTP) in addition to a username and password. This helps protect WordPress user accounts from unauthorized access caused by weak or compromised passwords, brute-force attacks, and automated login attempts. Cloudusk 2FA uses industry-standard TOTP (RFC 6238) and works with popular authenticator apps such as Google Authenticator, Authy, and Microsoft Authenticator. No SMS, email codes, or third-party services are required. The plugin is designed to be lightweight and user-friendly, with a simple setup process that can be completed directly from the user profile screen. = Features = * TOTP-based two-factor authentication for WordPress * Compatible with Google Authenticator, Authy, Microsoft Authenticator, and other TOTP apps * QR code-based setup * Backup recovery codes to prevent lockouts * No SMS, email, or external services required * Lightweight and performance-friendly * Works with the default WordPress login flow * Fully free to use = Privacy = Cloudusk 2FA does not send any data to external services. All authentication is handled locally within your WordPress installation. == Installation == 1. Upload the plugin files to the `/wp-content/plugins/cloudusk-2fa` directory, or install the plugin directly from the WordPress Plugins screen. 2. Activate the plugin through the "Plugins" screen in WordPress. 3. Go to your WordPress user profile. 4. Follow the on-screen instructions to enable two-factor authentication using your authenticator app. == Frequently Asked Questions == = Which authenticator apps are supported? = Any app that supports TOTP (RFC 6238), including: * Google Authenticator * Authy * Microsoft Authenticator * 1Password = Does this plugin use SMS or email codes? = No. Cloudusk 2FA uses TOTP generated by authenticator apps and does not rely on SMS or email. = What happens if I lose my phone? = During setup, the plugin provides backup recovery codes that can be used to regain access if you lose your authenticator device. = Is this plugin free? = Yes. Cloudusk 2FA is completely free to use. = Will this plugin slow down my website? = No. The plugin is lightweight and only runs during the login process. = Is this plugin compatible with WordPress Multisite? = Yes, Cloudusk 2FA is compatible with WordPress Multisite. == Screenshots == 1. Two-factor authentication setup screen 2. Backup recovery codes screen 3. Enter code from 2FA app to enable it screen 4. Settings to specifiy 2FA requirement for differenet roles screen == Changelog == = 0.0.1 = * Initial release * TOTP-based two-factor authentication * QR code setup * Backup recovery codes == Upgrade Notice == = 0.0.1 = Initial release.