Woocommerce 2 Factor Authenticator


A highly secure & easy to setup Two-Factor Authentication for your WordPress site. Rather than relying on a password alone, which can be phished or guessed, miniOrange Two-Factor authentication adds a second layer of security to your WordPress accounts. It protects your website from hacks and unauthorized login attempts.

This plugin provides two factor authentication during login. If you are looking for OTP Verification of users during Registration then we have a separate plugin for this. Click Here to learn more.

  • You can login using username + password + two-factor or username + two-factor.
  • Two-Factor can be enabled for role wise.
  • It can be deployed for your entire userbase in minutes.
  • All types of phones are supported Smart Phones (iPhone, Android, BlackBerry), Basic Phones, Landlines, etc.
  • If your phone is lost or stolen or discharged, we offer alternate login methods like OTP Over Email and Security Questions (KBA).
  • If your phone is offline, you can use a one time passcode generated by app to login.
  • It offers inline registration of users so you can simply activate and configure the plugin and you are all set.
  • We support multi factor authentication for all type of phones.
  • Soft Token, QR Code Authentication are supported by miniOrange Authenticator App.
  • If you want to login from mobile browser then any authentication method can be converted into Security Questions (KBA) by just one click.
  • You can customize the Security Questions (KBA). You can add your own setup of questions in the Security Questions list. Administrator as well as users both can add custom questions. Administrator can also decide how many questions user can setup for Security Questions.

Apps Supported by miniOrange Two Factor Authentication?

  • miniOrange Authenticator App.

How is miniOrange Two Factor Auth different?

  • We support multilpe authentication methods along with their backup method.
  • We support Device Identification. If the user select remember device then in the next login from same device, user will not be prompted for Two Factor.
  • We support Two Factor for Woocommerce frontend login theme.
  • ShortCode is now available for different frontend custom login page.
  • Two Factor Auth using ShortCode for Premium themes are also supported. If you need help for integrating Two Factor, you can contact us.
  • It is very difficult to login into your site from mobile browser with second factor enabled. We provide you option that will convert any authentication method into Security Questions (KBA) on mobile browser.

How miniOrange Authenticator App is better?

We recommend you to use miniOrange Authenticator App as

  • miniOrange Authenticator App encrypts all data, whereas Google Authenticator stores data in plain text.
  • miniOrange Authenticator App has in-build Pin-Protection so you can protect your google authenticator keys or whole app using pin whereas Google Authenticator is not protected at all.
  • miniOrange has better backup methods.
  • No need to type in the code at all. Contact us to get miniOrange Autofill Plugin, it can seamlessly connect your computer to your phone. Code will get auto filled and saved.

Free/Premium Version

By default, Two-Factor Authentication plugin for WordPress is free for 1 user forever. Limited Authentication methods are included in the free version of plugin. Telephony credits are needed for certain authentication methods like Phone Verification, OTP over SMS. In order to protect more accounts or use enterprise features, you need to upgrade to premium version of plugin. Besides including all authentication methods, it has inline registration for all users, user management dashboard access, remember device, manage device profiles, customize options for email and sms templates,custom redirect after login,customize Security Questions (KBA) customized UI for login screens etc. You can upgrade to premium version of plugin to have these features.

Customized solutions and Active support is available. Email us at info@miniorange.com or call at +1 9786589387.

Ability to define trusted locations, trusted time of access and User behavior rules are supported. Email us at info@miniorange.com or call at +1 9786589387.

Single Sign on into any cloud application E.g Google Apps, Salesforce, Office 365, Box, DropBox etc are supported. Check out 3000+ apps that are supported here http://miniorange.com/single-sign-on-sso

miniOrange supports 15+ authentication methods. For a complete list of authentication methods please visit http://miniorange.com/strong_auth . If you want to have any other 2-factor for your WordPress site, Contact us.

  • OTP over Email
  • Soft Token (similar to google authenticator)
  • Security Questions
  • Mobile Authentication ( QR Code authentication )
  • Device Identification
  • Location
  • Time of Access
  • User Behavior

You can choose from any of the above two factor auth methods to augment your password based authentication. miniOrange multi factor authentication service works with all phone types, from landlines to smart-phone platforms.

For support please email us at info@miniorange.com or call us at +1 978 658 9387


  • Setup different 2-Factor methods
  • 2 Factor plugin settings.
  • Advance plugin settings
  • Login form option1 (Enter username)
  • Login form option2 (Enter username)
  • QR Code Authentication Login Screen ( Authenticate your mobile )
  • OTP Login Screen ( OTP over SMS,Phone Call Verifiction,Soft Token,Google Authenticator )
  • Push Notification and Email Verification


From your WordPress dashboard

  1. Visit Plugins > Add New
  2. Search for miniOrange 2 Factor Authentication. Find and Install miniOrange 2 Factor Authentication
  3. Activate the plugin from your Plugins page

From WordPress.org

  1. Download miniOrange 2 Factor Authentication.
  2. Unzip and upload the miniorange-2-factor-authentication directory to your /wp-content/plugins/ directory.
  3. Activate miniOrange 2 Factor Authentication from your Plugins page.

Once Activated

  1. Select miniOrange 2-Factor from the left menu and follow the instructions.
  2. Once, you complete your setup. Click on Log Out button.
  3. Enter the username and click on Login with miniOrange.
  4. Scan QRCode from your miniOrange mobile app.
  5. If your mobile is offline, click on Click here if your phone is offline.
  6. In your miniOrange mobile app, click on Soft Token and enter OTP.
  7. Click on Validate


I want to enable Two-Factor( 2FA ) role wise ?

You can select the roles under Login Settings tab to enable the plugin role wise. [PREMIUM FEATURE]

I have enabled Two-Factor(2FA) for all users, what happens if an end user tries to login but has not yet registered ?

If a user has not setup Two-Factor yet, user has to register by inline registration that will be invoked during the login.

I want to enable only one authentication method for my users. What shloud I do?

You can select the authentication methods under Login Settings tab. The selected authentication methods will be shown to the user during inline registration. [PREMIUM FEATURE]

I am getting the fatal error of call to undefined function json_last_error(). What should I do?

Please check your php version. The plugin is supported in php version 5.3.0 or above. You need to upgrade your php version to 5.3.0 or above to use the plugin.

I did not recieve OTP while trying to register with miniOrange. What should I do?

The OTP is sent to your email address with which you have registered with miniOrange. If you can’t see the email from miniOrange in your mails, please make sure to check your SPAM folder. If you don’t see an email even in SPAM folder, please submit a query in our Support Section in the plugin or you can contact us at info@miniorange.com.

I want to configure 2nd factor by Google Authenticator.

Select the radio button next to Google Authenticator/Authy App and select the phone type and then scan the QR Code by Google Authenticator App. Enter the 6 digit code in the textbox and click on Save and verify buuton.

I want to configure 2nd factor by Authy 2-Factor Authentication App.

Select the radio button next to Google Authenticator/Authy App and select the phone type and then scan the QR Code by Authy 2-Factor Authentication App. Enter the 6 digit code from the Authy App into the textbox available and click on Save and Verifiy button.

I forgot the password of my miniOrange account. How can I reset it?

There are two cases according to the page you see –
1. Login with miniOrange screen: You should click on forgot password link. You will get a new password on your email address with which you have registered with miniOrange . Now you can login with the new password.

  1. Register with miniOrange screen: Enter your email ID and any random password in password and confirm password input box. This will redirect you to Login with miniOrange screen. Now follow first step.

I have a custom / front-end login page on my site and I want the look and feel to remain the same when I add 2 factor ?

If you have a custom login form other than wp-login.php then we will provide you the shortcode. Shortcode will work only for the customized login page created from wordpress plugins. We are not claiming that it will work with all the customized login page. In such case, custom work is needed to integrate two factor with your customized login page. You can submit a query in our Support Section in the plugin or you can contact us at info@miniorange.com for more details.

I have Woocommerce theme login page on my site. How can I enable Two Factor ?

If you have Woocommerce theme login then go to Advanced Options Tab and check Enable Two-Factor for Woocommerce Front End Login. If you need any help setting up 2-Factor for your Woocommerce theme login form, please submit a query in our Support Section in the plugin or you can contact us at info@miniorange.com.

I have installed plugins which limit the login attempts like Limit Login Attempt, Loginizer, Wordfence etc. Is there any incompatibilities with these kind of plugins?

The limit login attempt kind of plugins limit the number of login attempts and block the IP temporarily. So if you are using 2 factor along with these kind of plugins then you should increase the login attempts (minimum 5) so that you dont get locked out yourself.

If you are using any Security Plugin in WordPress like Simple Security Firewall, All in One WP Security Plugin and you are not able to login with Two-Factor.

Our Two-Factor plugin is compatible with most of the security plugins, but if it is not working for you. Please submit a query in our Support Section in the plugin or you can contact us at info@miniorange.com.

If you are using any render blocking javascript and css plugin like Async JS and CSS Plugin and you are not able to login with Two-Factor or your screen got blank.

If you are using Async JS and CSS Plugin. Please go to its settings and add jquery in the list of exceptions and save settings. It will work. If you are still not able to get it right, Please submit a query in our Support Section in the plugin or you can contact us at info@miniorange.com.

My users have different types of phones. What phones are supported?

We support all types of phones. Smart Phones, Basic Phones, Landlines, etc. Go to Setup Two-Factor Tab and select Two-Factor method of your choice from a range of 8 different options.

What if a user does not have a smart phone?

You can select OTP over SMS, Phone Call Verification or Email Verification as your Two-Factor method. All these methods are supported on basic phones.

What if a user does not have any phone?

You can select Email Verification or Security Questions (KBA) as your Two-Factor method.

What if I am trying to login from my phone ?

If your Security Questions (KBA) are configured then you will be asked to answer them when you are logging in from your phone.

I want to hide default login form and just want to show login with phone?

You should go to Login Settings Tab and check Login with Phone Only checkbox to hide the default login form.

My phone has no internet connectivity and configured 2nd factor with miniOrange App, how can I login?

You can login using our alternate login method. Please follow below steps to login:

  • Enter your username and click on login with your phone.
  • Click on Phone is Offline? button below QR Code.
  • You will see a textbox to enter one time passcode.
  • Open miniOrange Authenticator App and Go to Soft Token Tab.
  • Enter the one time passcode shown in miniOrange Authenticator App in textbox, just like google authenticator.
  • Click on submit button to validate the otp.
  • Once you are authenticated, you will be logged in.

My phone is lost, stolen or discharged. How can I login?

You can login using our alternate login method. Click on the Forgot Phone link and you will get 2 alternate methods to login. Select “Send a one time passcode to my registered email” to authenticate by OTP over EMAIL or Select “Answer your Security Questions (KBA)” to authenticate by knowledge based authenticaion.

My phone has no internet connectivity and i am entering the one time passcode from miniOrange Authenticator App, it says Invalid OTP?

Click on the Settings Icon on top right corner in miniOrange Authenticator App and then press Sync button under ‘Time correction for codes’ to sync your time with miniOrange Servers. If you still can’t logged in then please email us at info@miniorange.com or Contact us.Soft Token method is just like google authenticator method.

I want to go back to default login with password?

You should go to Login Settings Tab and uncheck Enable Two-Factor plugin checkbox. This will disable 2-Factor and you can login using wordpress default login.

I am upgrading my phone.

You should go to Setup Two Factor Tab and click on Reconfigure to reconfigure 2-Factor with your new phone.

What If I want to use any other second factor like OTP Over SMS, Security Questions, Device Id, etc ?

miniOrange authentication service has authentication methods like One time passcodes (OTP) over Email, Soft Token, Security Questions, Mobile Authentication (QR Code Authentication), Device Identification, Location, Time of Access User Behavior. To know more about authentication methods, please visit http://miniorange.com/strong_auth . If you want to have any other 2-factor for your WordPress site, please email us at info@miniorange.com or Contact us.


There are no reviews for this plugin.

Contributors & Developers

“Woocommerce 2 Factor Authenticator” is open source software. The following people have contributed to this plugin.




  • Compatible with WordPress 5.9.1 and bug fixes.


  • Compatible with WordPress 4.9.4 and Removed External Links.


  • Tested upto WordPress 4.9.


  • First version of Two-Factor ( 2FA ) plugin.