Skip to content

Releases: WordPress/two-factor

Version 0.7.0-rc.1

16 Jun 15:18
Compare
Choose a tag to compare
Version 0.7.0-rc.1 Pre-release
Pre-release
  • Update codebase to match the WordPress coding standards, see #340. Props @paulschreiber.
  • Add tooling to run PHPUnit tests locally during development, see #355. Props @kasparsd.

Version 0.6.0

06 May 19:49
529c973
Compare
Choose a tag to compare
  • Security fix: escape the U2F key value when doing the key lookup in database during login. Props @mjangda from WordPress VIP. See #351.

  • New feature: invalidate email tokens 15 minutes after they were generated. Use the two_factor_token_ttl filter to override this time-to-live interval. See #352.

  • Document some of the available filters.

Version 0.5.2

30 Apr 13:54
9b6e838
Compare
Choose a tag to compare
  • Bugfix: saving standard user profile fields no longer resets the time-based-password key, see #341.
  • Bugfix: remove spaces around authentication codes before verifying them, see #339 (props @paulschreiber).
  • Bugfix: allow admins to configure FIDO U2F keys for other users, see #349.
  • Enable the "Dummy" authenticator method only when WP_DEBUG is set since we don't want regular users using it.
  • New: Add an two_factor_user_authenticated action when the user is logged-in after the second factor has been verified, see #324 (props @Kubitomakita).
  • New: Add two_factor_token_email_subject and two_factor_token_email_message filters to customize the email code subject and body, see #345 (props @christianc1).
  • Update the reference article URL in the readme files to account for domain change, see #332 (props @todeveni).

Version 0.5.1

05 Feb 16:31
57faccc
Compare
Choose a tag to compare
  • Security fix: invalidate the session token used for the first password-based authentication, props @aapost0l.
  • Typo fixes in code comments, props @akkspros.

Version 0.5.0

11 Jan 11:04
8f89355
Compare
Choose a tag to compare
  • Add a compatibility layer for Jetpack Secure Sign On to support longer session cookies, see #276. Props @pyronaur.
  • Fix spelling errors in code comments, see #318. Props @akkspros.
  • Add license file, #313. Props @axelsimon.
  • Bump the supported version of PHP to 5.6 to match the WordPress core.

Version 0.4.8

26 Dec 20:12
03f1354
Compare
Choose a tag to compare
  • Mark as tested with WordPress 5.3.
  • Add a screenshot with email code authentication prompt.
  • Update development tooling versions.

Version 0.4.7

08 May 05:35
Compare
Choose a tag to compare
  • Introduce a two_factor_totp_title filter to allow TOTP title to be changed, see #294 (props @BrookeDot).
  • Mark as tested with WordPress 5.2.

Version 0.4.6

27 Apr 04:16
63de5fc
Compare
Choose a tag to compare
  • Add a unique ID for the two-factor options section, see #286 (props @joshbetz).
  • Add usage instructions and plugin screenshots, fixes #272.

Version 0.4.5

22 Apr 09:58
Compare
Choose a tag to compare
  • Add the missing two-factor textdomains, see #281 (props @Sonic853).
  • Fix U2F feature detection in Firefox, see #285.

Version 0.4.4

15 Apr 19:00
Compare
Choose a tag to compare
  • Add the closing </div> to match the WP core login form structure, see #274 (props @claytoncollie).