This page lets you set up email verification. When turned on, users will get a one-time code in their email every time they log in.
Enable Email Verification
- There is a toggle switch.
Enable for Roles
- This setting allows you to choose which user groups are required to use email 2FA.
- You may choose to disable this for regular subscribers to avoid friction during simple logins, unless your site deals with sensitive user data.
NB: “Save Changes” or “Discard Changes” button will apply the settings
Next Steps for Users
Once you have enabled this feature on this page:
- Go to WordPress Dashboard > Users > Profile pageĀ
- Scroll down and find the Ultimate Security
- Select the email method.
- Get OTP from the email address for verification
- Save Settings to apply
Security Considerations
Please keep the following in mind:
- Email delivery is not always instant. Network issues or server load can cause delays, making the verification code expire before the user finds it.
- If a hacker has already compromised a user’s email password, they can access the 2FA code, rendering this layer of security ineffective.
- Occasionally, verification codes can be flagged as spam and end up in the user’s junk folder.
