Step by step guide to set up OTP over WhatsApp as a Two Factor method

Follow these steps to Set up OTP Over WhatsApp

  • Go to your WordPress instance and log in as an administrator.

    Click on miniOrange-2fa plugin

  • Now, Click on the miniOrange 2-factor plugin visible in the menu to the left.
  • You can set up OTP over WhatsApp as a two-factor method in two ways.
    • Advanced setting (from the plugin itself)
    • Logout and Configure (setup two-factor during login)

Advanced Setting setup

  • Click on the Advanced Settings button.

    setting two-factor with advanced setting

  • Go to the Setup Two Factor tab from the navigation.

    setup two-factor tab

  • You can see the list of Authentication methods here. Click on the Configure button OTP Over Whatsapp.

    Configure OTP Over WhatsApp

  • Save Given phone number (+34 644179464) on your phone.

    saving verification number

  • Open the Whatsapp app on your phone and send the below text to the given phone number : Message: I allow callmebot to send me a message
  • Then you will receive the API Key.

    recevied api key on WhatsApp

  • Enter the API key in the field beside and also enter the Phone number then click on the Verify button.
  • Enter One Time OTP which you received on the Whatsapp app and click on Validate OTP.

    validate whatsApp OTP

  • 2FA Setup is successful. Click on the Test it button.

    test WhatsApp verification

  • Enter the one-time passcode you received on your WhatsApp, and click on the Validate OTP button.

    validate WhatsApp test
    WhatsApp verification test successfull

 

 

Logout and Configure setup

  • Click on the Logout and configure button.

    setup otp over WhatsApp during user entrollment

  • Then enter your credentials and click on the Log In.

    WordPRess Login page

  • After Successful Login to WordPress. You will get a prompt to configure two-factor. Select the Checkbox of OTP Over WHATSAPP.

    select otp over WhatsApp

  • Install the WhatsApp app from the play store and open it.
  • Save given phone number (+34 644179464) on your phone.

    ![saving verification number] ](https://developers.miniorange.com/docs/security/images/logout-and-configure-save.png)

  • Open the Whatsapp app on your phone and send the below text to the given phone number : Message: I allow callmebot to send me a message
  • Then you will receive the API Key

    receive api key during user entrollment

  • Enter the API key in the field beside and also enter the Phone number.

    Entering otp received on WhatsApp

  • Click on Send OTP.

    Click on send otp button

  • Enter One Time OTP which you received on the Whatsapp app and Click on Verify Code.

    Entering otp received on WhatsApp

  • The setup has been done successfully. miniOrange also provides backup codes to get back to your account, in case you lost your two-factor authentication ability you can use those backup codes to get back to your WordPress account.
  • Click the Finish button.

    Backup code

So after this setup whenever the user tries to log in to your WordPress account, the user needs to verify his identity with OTP Over Whatsapp as two-factor authentication.