Two Factor Authentication on WP.org

(Beta1). Based on the Two Factor pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party, a feature project for WordPress CoreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress., a first trial version of 2FA is now available on WordPress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/. While it’s not in a state yet suitable for rollout across the network, it is ready to be tested by a subset of users—based on ease of segmentation that’s Core Committers and users that are Super Admins. During the testing period it is only in place on login.wordpress.org and does not yet protect other parts of the network such as SVNSVN Apache Subversion (often abbreviated SVN, after its command name svn) is a software versioning and revision control system. Software developers use Subversion to maintain current and historical versions of files such as source code, web pages, and documentation. Its goal is to be a mostly compatible successor to the widely used Concurrent Versions System (CVS). WordPress core and the wordpress.org released code are all centrally managed through SVN. https://subversion.apache.org/. or TracTrac Trac is the place where contributors create issues for bugs or feature requests much like GitHub.https://core.trac.wordpress.org/..

Since 2FA is part of account security, the UIUI UI is an acronym for User Interface - the layout of the page the user interacts with. Think ‘how are they doing that’ and less about what they are doing. to enable it will live in the support forumSupport Forum WordPress Support Forums is a place to go for help and conversations around using WordPress. Also the place to go to report issues that are caused by errors with the WordPress code and implementations.’s profile page. From there, users can enable and disable it, as well as generate backup codes (alongside updating their password to a more secure one, generated by their favorite password manager).

Two Factor Authentication on WordPress.org will use a Time-based One-time Password Algorithm as the primary authentication method. Popular apps for that method are Authy or Google Authenticator, which make it easy to manage multiple accounts that are 2FA enabled. Secondary methods (in case users don’t have access to their phone) will be via email, SlackSlack Slack is a Collaborative Group Chat Platform https://slack.com/. The WordPress community has its own Slack Channel at https://make.wordpress.org/chat/. (if 2FA is enabled there too), or printable backup codes.

All code is open-sourced and the work on this feature is trac’d in #77-meta, where you can follow along with the latest updates to this feature. In case there are not too many bugs uncovered during this first trial period, the current plan is to improve this enhancement over the next few weeks, and make it available to all users eventually.

+make.wordpress.org/core +make.wordpress.org/community +make.wordpress.org/test