CM Secure Login (CMAUTH) - Plugin Settings - General Settings
In General settings changes can be made to the login protection method and other aspects that apply to most or all users.
The settings for the CreativeMinds Secure Login (CMAUTH) WordPress plugin can be accessed by clicking either the main plugin button or the one below:
You can choose from four protection methods: Google Authenticator, Mobile Phone SMS, Email verification and Email code. You can learn more about each of them by reading this guide.
Require a chosen protection method for all users: will apply the previously selected solution for all users.
Require chosen protection method for chosen roles: this field will only appear if "No" was chosen in the previous option.
You can disable the password for every user or only for those with certain roles. Note that disabling the password does not mean the users will only need their username to sign. Instead, they will login with their usernames and the chosen authentication method.
Here you can set how long codes work for or if a user inputting a wrong code has to wait before entering a new one - a good way to keep scammers away. Choosing to automatically logout after a set time helps to ensure the account is safe even when the user forgets to log out.
Shortening the expiration and inactivity times too much increases security, but can be inconvenient for the users. The settings are applied to every user.