Skip to content

Label recommended methods to simplify the configuration #676

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
kasparsd merged 10 commits into from
May 1, 2025
Merged

Label recommended methods to simplify the configuration #676

kasparsd merged 10 commits into from
May 1, 2025
+72 −23

Conversation

@kasparsd
Copy link
Collaborator

@kasparsd kasparsd commented Apr 2, 2025

What?

Marks methods that are relatively secure and easy to setup as "Recommended".

Why?

Fixes #483.

How?

  • Introduce a "Recommended" label that applied to specific methods.
  • Add a two_factor_recommended_providers filter that allows adding/removing methods from being "Recommended".
  • Update the help text explaining why the "Recommended" methods are recommended.

Testing Instructions

Screenshots or screencast

recommended-methods

Changelog Entry

Added: mark TOTP and backup codes as recommended methods to simplify the decision making.

@kasparsd kasparsd requested review from Copilot, iandunn and jeffpaul April 2, 2025 19:18
Copilot AI reviewed Apr 2, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot wasn't able to review any files in this pull request.

Files not reviewed (2)
  • class-two-factor-core.php: Language not supported
  • user-edit.css: Language not supported

@jeffpaul jeffpaul added this to the 0.14.0 milestone Apr 7, 2025
kasparsd
kasparsd commented Apr 21, 2025
View reviewed changes
class-two-factor-core.php
<?php echo esc_html( sprintf( __( 'Enable %s', 'two-factor' ), $object->get_label() ) ); ?>
<strong><?php echo esc_html( sprintf( __( 'Enable %s', 'two-factor' ), $object->get_label() ) ); ?></strong>
<?php if ( in_array( $provider_key, $recommended_provider_keys, true ) ) : ?>
<abbr title="<?php esc_attr_e( 'This method is more secure and easy to use', 'two-factor' ); ?>" class="two-factor-method-recommended"><?php esc_html_e( 'Recommended', 'two-factor' ); ?></abbr>
Copy link
Collaborator Author

@kasparsd kasparsd Apr 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Adding these flags as <attr> elements that provide additional context inline on hover and for screen readers.

providers/class-two-factor-totp.php

<p>
<?php esc_html_e( 'Please scan the QR code or manually enter the key, then enter an authentication code from your app in order to complete setup.', 'two-factor' ); ?>
<?php esc_html_e( 'Please scan the QR code or manually copy the shared secret key from below to your Authenticator app:', 'two-factor' ); ?>
Copy link
Collaborator Author

@kasparsd kasparsd Apr 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This message is now split into two -- one here above about the secret code and another closer to the code input box for clarity.

@kasparsd
Copy link
Collaborator Author

kasparsd commented Apr 21, 2025

@jeffpaul @iandunn What are your thoughts on this implementation as the first pass at helping users to pick the two-factor method?

@iandunn
Copy link
Member

iandunn commented Apr 28, 2025

That looks good to me 👍🏻

@kasparsd kasparsd merged commit ed078c8 into master May 1, 2025
54 checks passed
@kasparsd kasparsd deleted the 483-mark-recommended branch May 1, 2025 18:16
@kasparsd kasparsd mentioned this pull request Jul 3, 2025
Merged
@kasparsd kasparsd mentioned this pull request Sep 5, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@iandunn iandunn Awaiting requested review from iandunn

@jeffpaul jeffpaul Awaiting requested review from jeffpaul

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

0.14.0

Development

Successfully merging this pull request may close these issues.

Help folks choose which provider is right for them

4 participants

@kasparsd @iandunn @jeffpaul