search

wordpress-mobile / WordPress-iOS

WordPress for iOS - Official repository
http://ios.wordpress.org/
GNU General Public License v2.0
3.69k stars 1.12k forks source link

Can't login to the site if there's a 2FA plugin #23265

Open fluiddot opened 5 months ago

fluiddot commented 5 months ago

Following several app reviews, if the site has a plugin that enables 2FA authentication, you can't log in to the app with a user with 2FA enabled as it results in an error.

App Reviews:

Expected behavior

The app can log in to a site using a user with 2FA enabled via a 2FA plugin installed on the site.

Actual behavior

The app can't log in to a site using a user with 2FA enabled via a 2FA plugin installed on the site.

Steps to reproduce the behavior

  1. Create a self-hosted site (e.g. create a Jurassic Ninja site).
  2. Install a 2FA plugin (e.g. https://wordpress.org/plugins/wordfence/).
  3. Create a new user and enable 2FA.
  4. Open the app.
  5. Try to add the new self-hosted site.
  6. Try to log in using the credentials of the 2FA user.
  7. Observe the login process fails with an error.
Tested on iPhone 11, iOS 17.0.2, WordPress iOS 25.0.
dangermattic commented 5 months ago

Thanks for reporting! đź‘Ť

guarani commented 5 months ago

This issue is mentioned in this app review: p1717218352621949-slack-C06AJCED8EN

If you have a Wordpress installation with 2FA you can’t use this app as it’s not possible to log in.

kean commented 2 months ago

Another report: https://github.com/wordpress-mobile/WordPress-iOS/issues/23475