Two-Factor plugin for WordPress. View on WordPress.org →

See the readme.txt for installation and usage instructions.

Please report (non-security) issues and open pull requests on GitHub. See below for information on reporting potential security/privacy vulnerabilities.

Join the #core-passwords channel on WordPress Slack (sign up here).

To use the provided development environment, you'll first need to install and launch Docker. Once it's running, the next steps are:

$ git clone https://github.com/wordpress/two-factor.git
$ cd two-factor
$ composer install
$ npm install
$ npm run build
$ npm run env start

See package.json for other available scripts you might want to use during development, like linting and testing.

When you're ready, open a pull request with the suggested changes.

1. Run npm run env start
2. Run npm run test or npm run test:watch.

1. Create a MySQL database for the tests. Don't reuse an existing database, because all of the data will be deleted every time the tests are run.
2. Add the following to your ~/.bashrc, with the values for the database you created above:

   export WORDPRESS_DB_NAME=wp_tests
   export WORDPRESS_DB_USER=wp_tests
   export WORDPRESS_DB_PASSWORD=wp_tests
   

3. source ~/.bashrc
4. Run composer run test or composer run test:watch.

To view the code coverage report, you can open a web browser, go to File > Open file..., and then select {path to two-factor}/tests/logs/html/index.html.

Deployments to WP.org plugin repository are handled automatically by the GitHub action .github/workflows/deploy.yml. All merges to the master branch are commited to the trunk directory while all Git tags are pushed as versioned releases under the tags directory.

• PHP codebase doesn't pass the WordPress coding standard checks, see #437.

Created by contributors and released under GPLv2 or later.

Please privately report any potential security issues to the WordPress HackerOne program.