Update user and admin docs, prepare for more screenshots#701
Update user and admin docs, prepare for more screenshots#701
Conversation
|
@kasparsd related to your thoughts on #699, some questions:
I'll update here once you weigh-in on those questions. I'll work on some additional screenshots to note what I added here as captions in this readme update. |
kasparsd
left a comment
kasparsd
left a comment
There was a problem hiding this comment.
This is great! Amazing work.
To answer your questions:
-
IMHO none of the magic-link plugins will work if the two-factor is enabled.
-
I suggest we link to https://wordpress.org/plugins/two-factor-provider-webauthn/ directly because it integrates specifically with the two-factor plugin and does it really well.
|
|
||
| ## Setup Instructions | ||
|
|
||
| **Important**: Each user must individually configure their two-factor authentication settings. There are no site-wide settings for this plugin. |
There was a problem hiding this comment.
Maybe link to the issue where this is being discussed?
There was a problem hiding this comment.
i think we could keep this text for now and work meanwhile on the settings page. already drafted a PR here but we also have one other open PR thats needs to be reviewed that would help.
| 1. **Navigate to your profile**: Go to "Users" → "Your Profile" in the WordPress admin | ||
| 2. **Find Two-Factor Options**: Scroll down to the "Two-Factor Options" section | ||
| 3. **Choose your methods**: Enable one or more authentication providers (noting a site admin may have hidden one or more so what is available could vary): | ||
| - **Authenticator App (TOTP)** - Use apps like Google Authenticator, Authy, or 1Password |
There was a problem hiding this comment.
Maybe follow the new order in the settings which have app first followed by backup codes (to ensure they have fallback)?
There was a problem hiding this comment.
as soon as we agree to the new instructions at #763 the description of TOTP should reflect that as well. (not just focus on apps, others noted on the profile edit page). do we want to show paid-only solutions like 1password? (use it as well its great but not sure its a good idea to advertise them)
|
|
||
| = Why doesn't this plugin have site-wide settings? = | ||
|
|
||
| This plugin is designed to work on a per-user basis, allowing each user to choose their preferred authentication methods. This approach provides maximum flexibility and security. Site administrators can still configure 2FA for other users by editing their profiles. For more information, see [issue #437](https://github.com/WordPress/two-factor/issues/437). |
There was a problem hiding this comment.
Could we also link to all the available actions/filters in the readme, saying that on larger sites it is recommended to enforce certain requirements via code?
|
@jeffpaul I would like to merge this for the next release. Would you have time to iterate on it now or can we merge it as is and update later? |
|
@jeffpaul Let me know if I can help with getting this ready for merge. |
3 participants
What?
This pull request significantly updates the
readme.txtfile for the Two-Factor Authentication (2FA) plugin, enhancing user guidance and improving the documentation. Key changes include the addition of detailed setup instructions, descriptions of authentication methods, and answers to frequently asked questions (FAQs).Enhanced User Guidance:
readme.txt, readme.txtL13-R91).readme.txt, readme.txtL13-R91).Improved Documentation of Authentication Methods:
readme.txt, readme.txtL13-R91).readme.txt, readme.txtL13-R91).Added FAQs and Clarifications:
readme.txt, readme.txtR123-R141).Updated Visual References:
readme.txt, readme.txtR123-R141).Why?
Closes #699.
How?
Testing Instructions
Screenshots or screencast
Changelog Entry