이 플러그인은 최근 3개의 주요 워드프레스 출시와 시험 되지 않았습니다. 워드프레스의 좀 더 최근 버전으로 이용할 때 더 이상 관리되지 않고 지원되지 않고 호환성 문제가 있을 수 있습니다.

WordPress Strong Authentication

설명

WordPress Strong Authentication lets you authenticate users with a second
factor of possession.

Only if the user is able to provide this second factor, he is allowed to login.
Such a second factor can be an OTP display card, an OTP hardware token, a Yubikey,
a smartphone App like the Google Authenticator or access to an mobile phone
to receive an SMS or access to an email account.

The use then needs to authenticate with his wordpress password and in addition with
a code, generated by his device or sent via email or SMS.

All the devices are managed in the backend (privacyIDEA)[http://privacyidea.org], the Strong Authentication
plugin forwards authentication requests to this backend, which you can easily run
on the same machine or anywhere in your network.

환경설정

Please add at least a hostname or IP address of your backend server privacyIDEA.
You need to enter the hostname together with the protocol and the port, if it is
not a standard port.
If you are using self signed certificates, you should disable the verification of hostname and peer.

Please note: You need to have the same users in the LinOTP server.
You can achieve this by configuring an SQL Resolver and presetting this to
Wordpress.

문제 해결

If you misconfigured the plugin, you might not be able to authenticate anymore!

So it is always a good idea to add some users to the “excluded users” list.
These users will be able to authenticate without a second factor and
even if the authentication server should be down.

Another possibility is to disable the plugin by removing or renaming the
plugin directory.
In this case is will fall back to the old wordpress passwords.

설치

You can install this plugin from within your wordpress plugin menu.

Alternatively you can install it manually:

For installing the wordpress plugin simply copy the file
wp-strong-authentication.php to the wordpress directory

./wp-content/plugins

FAQ

Q: What happens if my authentication backend is offline?

A: If your authentication backend is offline, the users are not able
to authenticate with OTP. This is the same as if you SQL server is down
or your LDAP server is not reachable.

Alas, you can configure certain users, who will not be authenticated against
the backend but within wordpres. This can be an emergency entry.

후기

이 플러그인에 대한 평가가 없습니다.

기여자 & 개발자

“WordPress Strong Authentication”(은)는 오픈 소스 소프트웨어입니다. 다음의 사람들이 이 플러그인에 기여하였습니다.

기여자

자국어로 “WordPress Strong Authentication”(을)를 번역하세요.

개발에 관심이 있으십니까?

코드 탐색하기는, SVN 저장소를 확인하시거나, 개발 기록RSS로 구독하세요.

변경이력

1.2.1

  • Use PHP curl for a better communitcation to the privacyIDEA server

1.2

  • Add user-agent to POST request

1.1.1

  • Fixed and error in displaying errors :-/

1.1

  • remove php curl and use WP HTTP class instead

1.0

  • Add possibility to exclude users from two factor authentication