two-factor icon indicating copy to clipboard operation
two-factor copied to clipboard
verified publisher icon WordPress

Add force users to enable two-factor on next login

Open loftwah opened this issue 3 years ago • 2 comments

I'd like the ability to be able to force users to enable two-factor authentication on next login. This is a common feature in certain web applications and it would be handy to be able to set an option that forces all of the users to turn it on at next available opportunity. Even better if this can be done in cases where the server does not have SMTP capability.

loftwah avatar Aug 31 '22 03:08 loftwah

I'd love this not just for individual users, but for anyone in given roles or higher (ie, set it at Author, and Authors, Editors, and Admins are all forced). I also think that it would be ideal if this stays in force, and therefore locks someone out if they ever turn off 2FA when their account falls into such a group. It would be nice to also force a type of 2FA on these users, so that I can disallow email 2FA for admins, for example.

It also seems that this is somewhat related to #239.

alexclst avatar Sep 19 '22 21:09 alexclst

You're right, it is similar. I promise I tried to search for similar issues :)

loftwah avatar Sep 20 '22 04:09 loftwah

I'm gonna close this because it looks like a duplicate of #255 / #239, but let me know if there's anything distinct that I missed.

iandunn avatar Oct 19 '22 16:10 iandunn

It all looks the same to me. Thank you, I'm looking forward to seeing this in the plugin sometime.

loftwah avatar Oct 21 '22 00:10 loftwah