New to Translating WordPress? Read through our Translator Handbook to get started. Hide
Prio | Original string | Translation | — |
---|---|---|---|
Includes support for Ultimate Member login forms (Premium version) | You have to log in to add a translation. | Details | |
Original untranslated
Includes support for Ultimate Member login forms (Premium version)
You have to log in to edit this translation. |
|||
Includes support for Ultimate Membership Pro | You have to log in to add a translation. | Details | |
Original untranslated
Includes support for Ultimate Membership Pro
CommentFound in description list item. You have to log in to edit this translation. |
|||
Alert users if someone appears to have found out their password, as indicated by successfully entering a password but repeatedly entering an incorrect TFA code. | You have to log in to add a translation. | Details | |
Original untranslated
Alert users if someone appears to have found out their password, as indicated by successfully entering a password but repeatedly entering an incorrect TFA code.
CommentFound in description list item. You have to log in to edit this translation. |
|||
Encrypt the TFA-generating secret keys using an on-disk encryption key, so that an attacker would need to break into both your WordPress database <em>and</em> your files in order to break TFA codes (as well as breaking a user's password in order to use them) | You have to log in to add a translation. | Details | |
Original untranslated
Encrypt the TFA-generating secret keys using an on-disk encryption key, so that an attacker would need to break into both your WordPress database <em>and</em> your files in order to break TFA codes (as well as breaking a user's password in order to use them)
CommentFound in description list item. You have to log in to edit this translation. |
|||
Includes support for login forms from the Gravity Forms User Registration add-on (Premium version) | You have to log in to add a translation. | Details | |
Original untranslated
Includes support for login forms from the Gravity Forms User Registration add-on (Premium version)
CommentFound in description list item. You have to log in to edit this translation. |
|||
Includes support for CozmosLabs Profile Builder | You have to log in to add a translation. | Details | |
Original untranslated
Includes support for CozmosLabs Profile Builder
CommentFound in description list item. You have to log in to edit this translation. |
|||
TFA can be required for specified user levels, after a defined time period (e.g. require all admins to have TFA, once their accounts are a week old) (<a href="https://www.simbahosting.co.uk/s3/product/two-factor-authentication/">Premium version</a>), including forcing them to immediately set up (by redirecting them to the page to do so) | You have to log in to add a translation. | Details | |
Original untranslated
TFA can be required for specified user levels, after a defined time period (e.g. require all admins to have TFA, once their accounts are a week old) (<a href="https://www.simbahosting.co.uk/s3/product/two-factor-authentication/">Premium version</a>), including forcing them to immediately set up (by redirecting them to the page to do so)
CommentFound in description list item. You have to log in to edit this translation. |
|||
You have a password manager extension installed in your web browser, with the correct password entered in it. It has automatically replaced your wrong password with the right one from its saved store. This behaviour has been observed and confirmed by several users. You can verify it by using the web developer tools in your browser to look at the HTTP data sent to WordPress, and observe which password is actually in it. You can also open a fresh web browser with no such extension in it to re-test. | You have to log in to add a translation. | Details | |
Original untranslated
You have a password manager extension installed in your web browser, with the correct password entered in it. It has automatically replaced your wrong password with the right one from its saved store. This behaviour has been observed and confirmed by several users. You can verify it by using the web developer tools in your browser to look at the HTTP data sent to WordPress, and observe which password is actually in it. You can also open a fresh web browser with no such extension in it to re-test.
CommentFound in faq paragraph. You have to log in to edit this translation. |
|||
Includes support for any and every third-party login form (Premium version) without any further coding needed via appending your TFA code to the end of your password | You have to log in to add a translation. | Details | |
Original untranslated
Includes support for any and every third-party login form (Premium version) without any further coding needed via appending your TFA code to the end of your password
CommentFound in description list item. You have to log in to edit this translation. |
|||
Site owners can allow "trusted devices" on which TFA codes are only asked for a chosen number of days (instead of every login); e.g. 30 days (<a href="https://www.simbahosting.co.uk/s3/product/two-factor-authentication/">Premium version</a>) | You have to log in to add a translation. | Details | |
Original untranslated
Site owners can allow "trusted devices" on which TFA codes are only asked for a chosen number of days (instead of every login); e.g. 30 days (<a href="https://www.simbahosting.co.uk/s3/product/two-factor-authentication/">Premium version</a>)
CommentFound in description list item. You have to log in to edit this translation. |
|||
Some users might have two factor authentication on their email account, but this is not knowable or controllable from inside WordPress, and so giving this option to users means that the administrator cannot see or enforce two-factor authentication. And even in this case, email is often sent between servers unencrypted, and so is susceptible to man-in-the-middle attacks beyond the control of WordPress. | You have to log in to add a translation. | Details | |
Original untranslated
Some users might have two factor authentication on their email account, but this is not knowable or controllable from inside WordPress, and so giving this option to users means that the administrator cannot see or enforce two-factor authentication. And even in this case, email is often sent between servers unencrypted, and so is susceptible to man-in-the-middle attacks beyond the control of WordPress.
CommentFound in faq paragraph. You have to log in to edit this translation. |
|||
If someone has access to your email account, then they can send a password-reset code there using the password-reset mechanisms built into WordPress. Therefore, if the two-factor code was also sent there, then ability to read your email allows the breaking of both factors, and hence is no longer truly <em>two</em> factor authentication. | You have to log in to add a translation. | Details | |
Original untranslated
If someone has access to your email account, then they can send a password-reset code there using the password-reset mechanisms built into WordPress. Therefore, if the two-factor code was also sent there, then ability to read your email allows the breaking of both factors, and hence is no longer truly <em>two</em> factor authentication.
CommentFound in faq paragraph. You have to log in to edit this translation. |
|||
This plugin began life in early 2015 as a friendly fork and enhancement of <a href="https://wordpress.org/plugins/two-factor-auth/">Oscar Hane's "two factor auth" plugin</a>. | You have to log in to add a translation. | Details | |
Original untranslated
This plugin began life in early 2015 as a friendly fork and enhancement of <a href="https://wordpress.org/plugins/two-factor-auth/">Oscar Hane's "two factor auth" plugin</a>.
CommentFound in description paragraph. You have to log in to edit this translation. |
|||
These are the names of the two mathematical algorithms that are used to create the special codes. These are industry-standard algorithms, devised by expert cryptographers. HOTP is less popular, but the device that generates the codes does not need to know the correct time (instead, the codes are generated in a precise sequence). TOTP is much more popular, and generates codes that are only valid for 30 seconds (and so your device needs to know the time). I'd recommend TOTP, as HOTP can be annoying if something causes the sequences to get out of sync. | You have to log in to add a translation. | Details | |
Original untranslated
These are the names of the two mathematical algorithms that are used to create the special codes. These are industry-standard algorithms, devised by expert cryptographers. HOTP is less popular, but the device that generates the codes does not need to know the correct time (instead, the codes are generated in a precise sequence). TOTP is much more popular, and generates codes that are only valid for 30 seconds (and so your device needs to know the time). I'd recommend TOTP, as HOTP can be annoying if something causes the sequences to get out of sync.
CommentFound in faq paragraph. You have to log in to edit this translation. |
|||
Alternatively, if you have FTP or cPanel access to your web hosting space, you can de-activate the plugin; <a href="https://updraftplus.com/understanding-wordpress-installs-plugins/">see this article.</a> | You have to log in to add a translation. | Details | |
Original untranslated
Alternatively, if you have FTP or cPanel access to your web hosting space, you can de-activate the plugin; <a href="https://updraftplus.com/understanding-wordpress-installs-plugins/">see this article.</a>
CommentFound in faq paragraph. You have to log in to edit this translation. |
Export as
Comment
Found in description list item.