WordPress Two Factor Authentication (CMAUTH) - 2FA Methods - SMS

SMS

Back to User Guide

Authentication Methods

Overview | Google Authenticator | Email Code | Email Link | Mobile Phone SMS

To enable SMS verification in the WordPress Two Factor Authentication plugin, navigate to Admin Dashboard → CM Secure Login Pro â†’ SMS tab.

Confirmation settings

SMS settings tab - WordPress Login SMS Verification
SMS settings tab
  • Limit sending one SMS per every X [minutes] - Lets you limit the frequency of text messages, so as not to disturb users. The field accepts values in minutes, so, by inserting 2, for example, users will receive a maximum of one message every 2 minutes. Inserting different characters, like "4.2" or alphabetic characters, will result in an error. Entering "0" or a negative value will cause the SMS to fail to send. 

Amazon Web Service API

Here, you must insert the Amazon SNS API Key and secret. Amazon has a guide on how to obtain these, or you can check it in our guide: General Support - Enabling SMS Messages (Amazon SNS API)

You can also test the service by adding a test number, starting with the country code. For example +1xxxxxxxxx for a US number.

Connecting Amazon account to the plugin - 2 Factor Authentication for WordPress
Connecting Amazon account to the plugin

Message

These fields allow you to customize the SMS the users will receive: both the sender name and the message itself can be personalised. The shortcode [code] is essential, as it will contain the verification key the user will have to input to sign in.

Tip: Writing a shortcode between brackets returns its value inside them. For instance, if the blog name is "Writing 101", inserting [[blogname]] will return [Writing 101].

Message template - WordPress Two Step Authentication
Message template

Email Template

You can edit the template for the message the user will receive when he/she tries to login without having registered a telephone number.

Email template settings - WordPress Enable 2FA
Email template settings
  • Register the phone number email subject - You can use the following shortcodes:
    • [blogname] - Show blog name.
    • [siteurl] - Show site URL.
    • [userdisplayname] - Show user display name.
    • [userlogin] - Show user login.
    • [useremail] - Show user email.
  • Register the phone number email body - You can use the following shortcodes:
    • [blogname] - Show blog name.
    • [siteurl] - Show site URL.
    • [userdisplayname] - Show user display name.
    • [userlogin] - Show user login.
    • [useremail] - Show user email.
    • [link] - Show the link that user have to open to enter his phone number. Important: the email body template MUST contain this shortcode in order to let the user login.
    • [usertime] - Show the current time of the user. Note: this shortcode was introduced in version 1.8.2.
    • [userip] - Show the IP address of the user used for a login attempt. Note: this shortcode was introduced in version 1.8.2.
    • [userbrowser] - Show the browser info of the user. Note: this shortcode was introduced in version 1.8.2.

Other Methods

You can learn more about the other methods by reading this guide.

Read important note about AWS Sandbox

AWS Sandbox send SMS only on verified mobile numbers. You can read more here.


More information about the WordPress Two Factor Authentication plugin

Other WordPress products can be found at CreativeMinds WordPress Store

Let us know how we can Improve this Product Documentation Page

To open a Support Ticket visit our support center
Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Related Support Documents