CM Secure Login (CMAUTH) - Plugin Settings - General Settings
In General settings changes can be made to the login protection method and other aspects that apply to most or all users.
The settings for the CreativeMinds Secure Login (CMAUTH) WordPress plugin can be accessed by clicking either the main plugin button or the one below:
Protection Method: You can choose from four protection methods: Google Authenticator, Mobile Phone SMS, Email verification and Email code. You can also let users choose between SMS and e-mail
You can learn more about each of them by reading this guide.
Require a chosen protection method for all users: Will apply the previously selected solution for all users.
Require chosen protection method for chosen roles: This field will only appear if "No" was chosen in the previous option.
You can disable the password for every user or only for those with certain roles. Note that disabling the password does not mean the users will only need their username to sign. Instead, they will login with their usernames and the chosen authentication method.
Here you can set how long codes will work or if a user inputting an incorrect code has to wait before entering a new one. This is good method to keep scammers away. Choosing to automatically logout after a set time helps to ensure the account is safe even if the user forgets to log out.
Shortening the expiration and activity/inactivity times increases security, but making the period too short can be inconvenient for users. The settings are applied to every user.
Finally, there are two options that affect the code generation: choose which characters will be used to create the codes and define its length.