Title: OOSOFT 2FA Security Author: oosoft Published: 28 Απριλίου 2026 Last modified: 28 Απριλίου 2026 --- Αναζήτηση πρόσθετων ![](https://ps.w.org/oosoft-2fa-security/assets/icon-256x256.png?rev=3518666) # OOSOFT 2FA Security Από [oosoft](https://profiles.wordpress.org/oosoft/) [Λήψη](https://downloads.wordpress.org/plugin/oosoft-2fa-security.zip) * [Λεπτομέρειες](https://el.wordpress.org/plugins/oosoft-2fa-security/#description) * [Κριτικές](https://el.wordpress.org/plugins/oosoft-2fa-security/#reviews) * [Εγκατάσταση](https://el.wordpress.org/plugins/oosoft-2fa-security/#installation) * [Ανάπτυξη](https://el.wordpress.org/plugins/oosoft-2fa-security/#developers) [Υποστήριξη](https://wordpress.org/support/plugin/oosoft-2fa-security/) ## Περιγραφή OOSOFT 2FA Security adds robust two-factor authentication to your WordPress site. Protect every login with a second verification step using a TOTP authenticator app( Google Authenticator, Authy, etc.) or a one-time code sent to your email address. **Key Features:** * **TOTP Authenticator App** — compatible with Google Authenticator, Authy, Microsoft Authenticator, and any RFC 6238-compliant app. * **Email OTP** — sends a time-limited one-time code to the user’s registered email address. * **Backup Codes** — generate single-use recovery codes so users are never locked out. * **Role-Based Enforcement** — require 2FA for specific roles (e.g. administrators) while leaving it optional for others. * **Rate Limiting** — brute-force protection with configurable attempt limits and lockout periods. * **Security Logs** — detailed event logging with filterable admin view and automatic pruning. * **Encrypted Secret Storage** — TOTP secrets are encrypted at rest using libsodium( preferred) or AES-256-GCM/CBC via OpenSSL. * **HKDF Key Derivation** — encryption keys are derived from your WordPress secret keys; no raw key material is stored. ## Εγκατάσταση 1. Upload the `oosoft-2fa-security` folder to the `/wp-content/plugins/` directory. 2. Activate the plugin through the **Plugins** menu in WordPress. 3. Go to **Settings > 2FA Security** to configure enforcement rules and options. 4. Users can set up their preferred 2FA method from their **Profile** page. ## Συχνές Ερωτήσεις ### Which authenticator apps are supported? Any app that supports the TOTP standard (RFC 6238), including Google Authenticator, Authy, Microsoft Authenticator, and 1Password. ### What happens if a user loses their authenticator app? Users can log in with one of their backup codes. Administrators can also disable 2FA for a user from the Users list. ### Is TOTP secret storage secure? Yes. Secrets are encrypted with AES-256 (libsodium secretbox preferred, OpenSSL AES-256-GCM/CBC as fallback) before being stored in the database. Encryption keys are derived from your site’s unique WordPress secret keys via HKDF-SHA256. ### Does this plugin work with WooCommerce or custom login forms? The plugin intercepts WordPress’s core authentication pipeline, so it works with any theme or plugin that uses `wp_signon()` or the standard login form. ## Κριτικές Δεν υπάρχουν αξιολογήσεις για αυτό το πρόσθετο. ## Συνεισφέροντες & Προγραμματιστές “OOSOFT 2FA Security” είναι λογισμικό ανοιχτού κώδικα. Οι παρακάτω έχουν συνεισφέρει στη δημιουργία του. Συντελεστές * [ oosoft ](https://profiles.wordpress.org/oosoft/) * [ OOSOFT ](https://profiles.wordpress.org/mudivillanv/) [Μεταφράστε το “OOSOFT 2FA Security” στην γλώσσα σας.](https://translate.wordpress.org/projects/wp-plugins/oosoft-2fa-security) ### Ενδιαφέρεστε για την ανάπτυξη; [Περιηγηθείτε στον κώδικα](https://plugins.trac.wordpress.org/browser/oosoft-2fa-security/), ανατρέξτε στο [αποθετήριο SVN](https://plugins.svn.wordpress.org/oosoft-2fa-security/) ή εγγραφείτε στο [αρχείο καταγραφής αλλαγών ανάπτυξης](https://plugins.trac.wordpress.org/log/oosoft-2fa-security/) μέσω [RSS](https://plugins.trac.wordpress.org/log/oosoft-2fa-security/?limit=100&mode=stop_on_copy&format=rss). ## Σύνοψη αλλαγών #### 1.0.2 * Improved escaping and security hardening throughout. * Removed deprecated load_plugin_textdomain() call (WordPress 4.6+ auto-loads translations). * Added HKDF key derivation fallback warning when WordPress secret keys are not configured. #### 1.0.1 * Fixed QR code scanning compatibility with major authenticator apps. * Switched to proven qrcodejs library for QR generation. #### 1.0.0 * Initial release. ## Μεταστοιχεία * Version **1.0.2** * Τελευταία ενημέρωση: **πριν από 2 εβδομάδες** * Ενεργές εγκαταστάσεις: **Λιγότερες από 10** * Έκδοση WordPress: ** 6.0 ή νεότερη ** * Δοκιμασμένο μέχρι: **6.9.4** * Έκδοση PHP: ** 8.0 ή νεότερη ** * Language * [English (US)](https://wordpress.org/plugins/oosoft-2fa-security/) * Ετικέτες: * [2FA](https://el.wordpress.org/plugins/tags/2fa/)[otp](https://el.wordpress.org/plugins/tags/otp/) [security](https://el.wordpress.org/plugins/tags/security/)[totp](https://el.wordpress.org/plugins/tags/totp/) [two factor authentication](https://el.wordpress.org/plugins/tags/two-factor-authentication/) * [Σύνθετη Προβολή](https://el.wordpress.org/plugins/oosoft-2fa-security/advanced/) ## Αξιολογήσεις No reviews have been submitted yet. [Your review](https://wordpress.org/support/plugin/oosoft-2fa-security/reviews/#new-post) [Δείτε όλες τις κριτικές](https://wordpress.org/support/plugin/oosoft-2fa-security/reviews/) ## Συντελεστές * [ oosoft ](https://profiles.wordpress.org/oosoft/) * [ OOSOFT ](https://profiles.wordpress.org/mudivillanv/) ## Υποστήριξη Έχετε κάτι να πείτε; Χρειάζεστε βοήθεια; [Φόρουμ υποστήριξης](https://wordpress.org/support/plugin/oosoft-2fa-security/)