miniOrange's Google Authenticator – WordPress Two Factor Authentication (2FA , Two Factor, OTP SMS and Email) | Passwordless login


Google Authenticator – Two-Factor (WP 2FA / OTP) – Provides secure login to WordPress. This plugin can be configured for any TOTP-based/OTP Login methods like Duo/Microsoft/Google Authenticator. It supports OTP login based 2fa methods.

You can check out following video to configure google authenticator as a two-factor:

Features | 14 day Premium trial

Maintained & Supported by miniOrange

We are experts in the field of security and have released advanced WordPress solutions such as Password Policy Manager.
Apart from this, we also have Broken Link Checker to scan detect and fix your broken links to keep your site functioning smoothly.

[Google Authenticator – Two step verification/ 2 Factor Authentication/ WP 2FA]

  • QR Code authentication, Push Notification, Soft Token and Security Questions(KBA) for multi-factor authentication(WP 2FA/MFA).
  • Language Translation Support.
  • User Profile 2fa: Administrators can set up Two-Factor (2FA) of users via WordPress users section
  • Multi Factor Authentication(MFA): This feature can be used to invoke any two-factor method on login among multiple methods which were configured. You can configure multiple TOTP/OTP Login based 2fa methods that can be used as a backup 2fa method
  • Two-Factor Authentication ( TFA/2FA ) for Ajax login forms like User Pro, login with ajax, Theme my login, etc.
  • Passwordless login and login with phone number
  • Prevent account sharing: Google Authenticator(WP 2FA) is OTP login based method which restricts users from sharing WordPress login credentials which help to secure WordPress Websites. The Google authenticator plugin also adds a session control feature that limits user sessions based on WordPress User activities.
  • This plugin Supports standard TOTP
  • Two-Factor Authentication (WP 2FA/TFA) allows authentication on the login page itself for Google Authenticator & miniOrange Soft Token.
  • 3 users free for lifetime.
  • Multiple Login Options: Username + password + two-factor (or) Username + two-factor i.e. Passwordless login /Login without password /Password free authentication.
  • Recovery codes in case you are locked out for all Two-Factor Authentication (WP 2FA/TFA)
  • Mobile verification – two step verification (WP 2FA/TFA) using authentication methods like google authenticator, QR code authentication, etc.

Additional Features other than the basic Google Authenticator two-factor authentication

  • Complete Web Security to protect WordPress from any attacks
  • Web Application Firewall (WAF): WordPress Firewall to protect your site
  • OWASP TOP 10 Protection
  • Login Protection: Spam and Login Protection
  • Malware scanner: Detects any virus, malware and trojan
  • Backup: Taking Encrypted Backup with local storage and cloud storage
  • Limit Login Attempts to stop password guessing
  • Realtime Global IP Blocking
  • Limit Rate of Request: Protecting resources from any security hole exploit
  • Crawler Detection and blocking
  • Blocking IP and Attacks
  • Country Blocking and Browser Blocking
  • Brute Force Attacks prevention to stop password hack
  • Captcha for Bot Detection
  • Google Recaptcha
  • Login Form Protection
  • Registration Form Protection
  • Integration with different plugin – WooCommerce, Buddypress, Ultimate Member and others
  • Reporting
  • Audit Log

Apps Supported by the two-factor authentication (2FA / MFA) plugin

  • Google Authenticator
  • miniOrange Authenticator
  • Duo Authenticator
  • Microsoft Authenticator
  • Authy 2-Factor Authenticator
  • LastPass Authenticator
  • FreeOTP Authenticator

User Identity Verification or multi-factor authentication with Google Authenticator

Login and Registration: Verify users on login with different OTP Login methods & other two-factor methods like OTP over SMS, OTP Over Email, OTP Over Telegram, Google Authenticator, SMS Verification, Email, Authy Authenticator, Duo Authenticator, Microsoft Authenticator, TOTP Based Authenticator, Security Questions, and many others.
Users will receive an OTP at the time of registration which will be used to verify their identity. OTP authentication can be done either via OTP Login methods(OTP Over email or via OTP over SMS).

Plugin Integrations and Support for all methods of two-factor authentication/two step verification ( WP 2FA/TFA/OTP Authentication )

Our plugin is integrated with popular Plugins such as WooCommerce and Ultimate member.

Third Party Custom SMS Gateway for OTP Over SMS ( OTP Login/two-factor authentication / 2FA )

The premium plugin supports any third-party custom SMS Gateway. If you don’t have your SMS gateway you can use miniOrange gateway and send SMS(OTP over SMS) all over the world for OTP authentication.
Here are some famous gateways supported for two-factor (WP 2FA/TFA/OTP).
Test your Gateway

Why do you need to register for Google Authenticator?

Google authenticator uses miniOrange APIs to communicate between your WP and miniOrange. To keep this communication secure, we ask you to register and assign API keys specific to your account. This way your account and users’ calls can be only accessed by API keys assigned to you.

Google Authenticator ( WP 2FA – two-factor authentication ) All Inclusive Plugin Features

Google Authenticator ( WP 2FA / OTP ) Enterprise Plugin Features

  • Google Authenticator – Two-Factor Authentication – 2FA for Users as per the upgrade ( User-based pricing )
  • Available Authentication Methods: Google Authenticator, Authy Authenticator, Microsoft Authenticator, LastPass Authenticator, QR Code, Push Notification, Soft Token, Security Questions(KBA), OTP Authentication(OTP Over Email, OTP Over SMS or OTP Over SMS and Email), Email Verification, Hardware Token. ( SMS and Email credits need to be purchased for successful OTP authentication as per the need)
  • Multiple Login Options: Username + password + two-factor Authentication (or) Username + two-factor authentication(2FA) i.e. Passwordless login /Login without password.
  • Backup Methods: KBA(Security Questions), OTP Over Email, Backup Codes.
  • Sync 2fa for multiple websites
  • Multisite compatible for all WordPress 2FA methods.
  • Email notification to users asking them to set up Google Authenticator – Two-Factor Authentication (WP 2FA/TFA).
  • User role based redirection after Login, Custom Security Questions (KBA), Customizable account name in Google Authenticator app.
  • Enable Two-Factor Authentication (WP 2FA/OTP) for specific Users/User Roles
  • Choose specific two-factor authentication methods for Users
  • Add-Ons Included: RBA & Trusted Devices Management Add-on, Personalization Add-on and Short Codes Add-on
  • Brute force attack prevention, IP Blocking & User login Monitoring
  • File protection & strong password
  • Monitoring current Google Authenticator and other two-factor authentication (2 Factor) method of all the users in the plugin
  • Session restriction

Add Ons for two-factor authentication ( WP 2FA / OTP )

  • RBA & Trusted Devices Management Add-on Features for two-factor authentication ( WP 2FA/OTP Login )

    • Remember Device to skip the two-factor authentication ( 2 Factor ) from the trusted devices.
    • Set Device Limit for the users to login
  • Personalization Add-on Features to customize your two-factor authentication/OTP Authentication pages

    • Custom UI of Two-Factor Authentication (WP 2FA/TFA) pop-ups
    • Custom Email and SMS Templates
    • Customize ‘Powered by’ Logo on wp 2fa authentication page
    • Customize Plugin Icon
    • Customize Plugin Name
  • Short Codes Add-on Features for two-factor authentication ( 2FA / MFA )

    • Turn on/off 2 factor (two-factor authentication) by user
    • Reconfigure 2fa methods
    • ‘Enable Remember Device’ from a custom login form to skip 2-factor for trusted devices.
    • On-Demand ShortCodes for specific functionalities ( like for enabling WordPress 2FA (Two-Factor authentication) for specific pages)
  • Device restriction with webauthn/ FIDO2
    Password free authentication is possible with WebAuthn.

Check all the security features other than two-factor authentication ( Two step verification/OTP authentication ) here: miniOrange Website

Useful blog posts about two-factor authentication ( 2FA / MFA ) plugin

Customized solutions and Active support are available. Email us at or call us at +1 9786589387.

Note: The plugin is GDPR Compliant and supports a wide variety of Language Translation


  • Google Authenticator (WP 2FA/OTP) - Setup different 2 Factor methods
  • Google Authenticator (WP 2FA/OTP) - Test 2 factor configured
  • Google Authenticator (WP 2FA/OTP) - 2 Factor Authentication (2FA) methods available
  • Google Authenticator (WP 2FA/OTP) - Google Authenticator login
  • Google Authenticator (WP 2FA/OTP) - QR code 2 Factor (2FA) login
  • Google Authenticator (WP 2FA/OTP) - miniOrange Authenticator login
  • Google Authenticator (WP 2FA/OTP) - Push notification login
  • Google Authenticator (WP 2FA/OTP) - Remember device and personalization add-ons


From your WordPress dashboard

  1. Navigate to Plugins > Add New from your WP Admin dashboard.
  2. Search for miniOrange 2 Factor Authentication (2FA)or Google Authenticator.
  3. Install miniOrange 2 Factor Authentication (2FA) and activate the plugin.


  1. Search for miniOrange 2 Factor Authentication (2FA) and download it.
  2. Unzip and upload the miniorange-2-factor-authentication (2FA) directory to your /wp-content/plugins/ directory.
  3. Activate miniOrange 2 Factor Authentication (2FA) from the Plugins tab of your admin dashboard.

Video Guide :

Perguntas frequentes

How do I gain access to my website if I get locked out using the Google Authenticator?

You can obtain access to your website by one of the below options:

  1. If you have an additional administrator account whose Two-Factor (2FA) is not enabled yet, you can login with it.
  2. If you had set up KBA questions earlier, you can use them as an alternate method to login to your website instead of 2FA.
  3. Rename the plugin from FTP – this disables the Google Authenticator (WP 2FA/TFA) plugin and you will be able to login with your WordPress username and password.

For detailed information, Please check on our website. Locked Out.
You can also check our video Tutorial:

I want to enable Google Authenticator 2 Factor authentication (2FA) as the backup method?

You can use google authenticator as the backup method for your specific user or all users in the premium version of the two-factor authentication. [PREMIUM FEATURE]

I have enabled Two-Factor Authentication (2FA / TFA) for all users, what happens if an end-user tries to login but has not yet registered?

If a user has not set up Two-Factor yet, the user has to register by inline registration that will be invoked during the login.

I want to enable only one authentication method for my users. What should I do?

You can select the two-factor authentication methods under the Login Settings tab. The selected authentication methods will be shown to the user during inline registration for example if you select Google Authenticator it will be shown on login. [PREMIUM FEATURE]

I have a custom/front-end login page on my site and I want the look and feel to remain the same when I add 2-factor ?

If you have a custom login form other than wp-login.php then we will provide you the shortcode. Shortcode will work only for the customized login page created from WordPress plugins. We are not claiming that it will work with all the customized login pages. In such a case, custom work is needed to integrate two-factor with your customized login page. You can submit a query in our Support Section in the plugin or you can contact us at for more details.

I have installed plugins that limit the login attempts like Limit Login Attempt, Loginizer, Wordfence, etc. Are there any incompatibilities with these kinds of plugins?

The limit login attempt kind of plugins limit the number of login attempts and block the IP temporarily. So if you are using 2 factor(WP 2fa/TFA) along with these kinds of plugins then you should increase the login attempts (minimum 5) so that you don’t get locked out yourself.

If you are using any Security Plugin in WordPress like Simple Security Firewall, All in One WP Security Plugin and you are not able to login with Two-Factor.

Our Two-Factor plugin is compatible with most of the security plugins, but if it is not working for you. Please submit a query in our Support Section in the plugin or you can contact us at

If you are using any render-blocking javascript and CSS plugin like Async JS and CSS Plugin and you are not able to login with Two-Factor or your screen went blank.

If you are using Async JS and CSS Plugin. Please go to its settings and add jquery to the list of exceptions and save settings. It will work. If you are still not able to get it right, Please submit a query in our Support Section in the plugin or you can contact us at

My phone has no internet connectivity and I am entering the one time passcode from miniOrange Authenticator App during OTP login, it says Invalid OTP?

Click on the Settings Icon on top right corner in miniOrange Authenticator App and then press Sync button under ‘Time correction for codes’ to sync your time with miniOrange Servers. If you still can’t logged in then please email us at or Contact us.Soft Token method is just like google authenticator method.

I am upgrading my phone.

You should go to Setup Two-Factor (2FA) Tab and click on Reconfigure to reconfigure 2-Factor with your new phone.


4 Maio, 2022
Soham and Mayur were able to fix all of my issues and always did so in a timely manner. The premium plugin works as advertised. Very happy with my decision to support this company.
8 Março, 2022
Had some issues but good recovery from customer services and now app is set up properly. I think the app could be better supported with clearer user education beforehand. There is a lot of tricky set upon issues for the new user. But the follow-up support was very helpful.
20 Janeiro, 2022
I had installed the plugin on 2 WP sites and for whatever reason I logged myself out on 1 site. The support has been very helpful and solved the problem for me. A big big thank you to Mintu Kumar from the support team! Everything works fine now! 🙂
18 Janeiro, 2022
Have used this plugin for years... no issues. However, the latest update pushed on a WP notice on every single dashboard page to upsell their premium subscription. However, the "Dismiss" and the "Never Show Again" buttons do absolutely nothing. After 24 hours of back and forth with their support, they claim it is fixed. It's not. It's on every single one of my sites, clearly an issue with the plugin updates. Until they actually fix their issue (a breach of WP plugin policy to use notices that cannot be dismissed) - find a better 2FA plugin. I'd give this a 0 if I could.
Ler todas as 321 avaliações

Contribuidores e programadores

“miniOrange's Google Authenticator – WordPress Two Factor Authentication (2FA , Two Factor, OTP SMS and Email) | Passwordless login” é software de código aberto. As seguintes pessoas contribuíram para este plugin:


Registo de alterações


  • Google Authenticator – Two factor Authentication (2FA, OTP) :
  • Bug Fixes and Code Improvements


  • Google Authenticator – Two factor Authentication (2FA, OTP) :
  • Bug Fixes and Code Improvements


  • Google Authenticator – Two factor Authentication (2FA, OTP) :
  • Bug Fixes and Code Improvements


  • Google Authenticator – Two factor Authentication (2FA, OTP) :
  • Bug Fixes and Code Improvements


  • Google Authenticator – Two factor Authentication (2FA, OTP) :
  • Bug Fixes and Code Improvements


  • Google Authenticator – Two factor Authentication (2FA, OTP) :
  • Bug Fixes


  • Google Authenticator – Two factor Authentication (2FA, OTP) :
  • Compatibility with WordPress v6.0
  • Added SMS transactions link


  • Google Authenticator – Two factor Authentication (2FA, OTP) :
  • Minor Bug fix


  • Google Authenticator – Two factor Authentication (2FA, OTP) :
  • UI fixes for non-admin users


  • Google Authenticator – Two factor Authentication (2FA, OTP) :
  • Updated Plugin UI


  • Google Authenticator – Two factor Authentication (2FA, OTP) :
  • Updated Pricing page UI


  • Google Authenticator – Two factor Authentication (2FA, OTP) :
  • Updated Network Security UI

For older changelog entries, please see the additional changelog.txt file provided with the plugin.