When someone does not configure two-factor authentication (2FA) within the configured grace period, their user is locked. When this happens the plugin sends an email to the owner of the user advising them that the user has been locked. Also, the user cannot login on the website until it is unlocked.
Who can unlock locked WordPress users and how?
Only administrator can unlock locked WordPress users that did not configure 2FA within the grace period. There are two places from where you can unlock locked users.
You can do so from the users’ list in the WordPress dashboard. Simply hover over the username and click Unlock user. The option is highlighted in the below screenshot:
You can also unlock locked WordPress users by clicking the button Unlock user and reset the grace period in the WP 2FA settings at the bottom of the user profile page.
What happens when a WordPress user is unlocked?
When a WordPress user is unlocked the user’s owner can log back into the website. The grace period is also reset, allowing the user to configure and use 2FA within that period.