2FA backup methods are a great way to ensure users can still log in to WordPress should something happen to their primary 2FA method. Dead batteries and replacement/new phones are something that happens to the best of us. This may leave those using 2FA with no option but to call the helpdesk for assistance. Thanks to WP 2FA’s secondary backup 2FA methods users will be able to log in just as easily even if something happened to their phone.
WP 2FA supports both 2FA backup codes and email OTP as a secondary authentication method. Both of these function similarly in that they can be used as a backup method should the primary 2FA authentication method become available.
Setting up 2FA backup methods
WordPress administrators can choose whether to make 2FA backup methods available and which ones.
Both of these can be set up by:
- Navigate to WP 2FA > 2FA Policies
- Scroll down to the Secondary 2FA methods section
- Tick the checkbox next to Backup codes to give users the option to generate and log in with backup codes
- Click the Allow users to use email based 2FA as secondary backup method to give users the option to log in with an email OTP
- When choosing the email option, you can also allow users to specify an email address of their choice. When this option is set to no, the email address configured in the user’s WordPress user account will be used.