Two-Factor Auth progress for WordPress.org

Development work is in progress to implement two-factor authentication (2FA) for accounts on WordPress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/. (This is something we tried briefly once before, but it wasn’t ready for production use at the time).

To be absolutely clear: this is about rolling out 2FA for accounts on the WordPress.org web site itself – that is, for people like pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party and theme developers, WordCampWordCamp WordCamps are casual, locally-organized conferences covering everything related to WordPress. They're one of the places where the WordPress community comes together to teach one another what they’ve learned throughout the year and share the joy. Learn more. organizers, forum participants, Make site commenters, coreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress. developers, and contributors to the WordPress project in general. It will have no effect on the wider world of WordPress sites, except in the sense that we hope to set a good example and encourage others to use 2FA plugins.

The 2FA implementation that we’re using is provided by the Two Factor plugin, which is a well-established project with a long history that’s a candidate for eventual inclusion in WordPress core. It’s listed on the Beta page of the plugin directory.

Given the complexity of the MetaMeta Meta is a term that refers to the inside workings of a group. For us, this is the team that works on internal WordPress sites like WordCamp Central and Make WordPress. environment, and the large network of sites and customizations that powers the many parts of the WordPress.org web site, there is ongoing work needed to ensure the plugin integrates cleanly and securely everywhere it is needed.

Progress is happening on two fronts:

We haven’t yet set a time frame for rolling out 2FA availability on accounts, but hope to have something you’ll be able to opt-in to try out in the early part of 2023.

In the meantime, if you are interested in helping to improve the two-factor plugin generally, you can install it on your own WordPress site to test it out, and get involved in its development on GitHub.