Securus – Yubikey 2 Factor Authentication plugin for WordPress
Attention! This plugin requires you a YubiKey!! If you do not have one (which you should!!) Do NOT buy this plugin!!
You can pickup a Yubikey at yubico.com – I highly recommend Yubikey Neo. This plugin works best with Neo, but also works with Yubikey Standard and Nano.
2 Factor Authentication can be setup on a user by user basis.
Translation Ready – including POT files.
Communicates with YubiCloud over a secure connection at no additional cost.
Captures users OTP (One Time Password) and make sure it belongs to the user, then validates the OTP via the YubiCloud redundant servers.
If a user does not have a Yubikey Neo they can disable 2 Factor Authentication for mobile devices.
If a user has a Neo configured to transmit an OTP via NFC (Near Field Communication) no need to disable Securus for mobile devices.
Can register up to 3 keys per account.
Ajaxed Login form – non 2 Factor users will never even know Securus is monitoring the login form.
After entering your Username and Password, Securus checks your profile to see if you have Securus setup and if so, displays a OTP field on the login form without reloading the page.
After you enter your OTP, Securus runs a pre-validation check of your username, password, and OTP to make sure everything is accurate. Once verified, it submits the form and lets WordPress go though the login process and fully validates the OTP on the YubiCloud.
If a user disables JS – Securus falls back to pure PHP based 2 Factor Authentication. Securus uses JavaScript as an enhancement – not a replacement.
Securus also includes a configurable IP based User Lockout feature. If a user tries to login too many times with invalid credentials Securus will lock the user out for a pre-configured time.
Securus does not add additional tables or columns to your WordPress database.
Securus uses WP best practices for interacting with the database.
Documentation is located here and a video walkthrough will be on YouTube shortly.
A lot of people refer to 2nd Factor Authentication as multi factor auth – but that is a misnomer.
Single Factor Authentication is simply something you know – most commonly, your password.
2 Factor Authentication includes single factor auth, and then requires something you have – most commonly, a token device (smart phone, USB device, keychain fob. etc.)
Multi-factor Authentication includes both single and second factor auth, but then requires something you ARE – most commonly, biometrics, like finger prints, retinal scan, face recognition, etc.
2 Factor Authentication is also known as 2nd Factor Authentication, Second Factor Authentication, and acronymed as 2FA.
Multi Factor Authentication is acronymed as MFA.