=== Cloudusk 2FA – Two Factor Authentication ===
Contributors: cloudusk
Tags: two-factor authentication, 2fa, google authenticator, security
Requires at least: 6.0
Tested up to: 6.9
Requires PHP: 8.1
Stable tag: 0.0.1
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html

A free and lightweight two-factor authentication (2FA) plugin for WordPress using TOTP and authenticator apps.

== Description ==

Cloudusk 2FA – Two Factor Authentication is a free and easy-to-use two-factor authentication (2FA) plugin for WordPress.

It adds an extra layer of security to your WordPress login by requiring a time-based one-time password (TOTP) in addition to a username and password. This helps protect WordPress user accounts from unauthorized access caused by weak or compromised passwords, brute-force attacks, and automated login attempts.

Cloudusk 2FA uses industry-standard TOTP (RFC 6238) and works with popular authenticator apps such as Google Authenticator, Authy, and Microsoft Authenticator. No SMS, email codes, or third-party services are required.

The plugin is designed to be lightweight and user-friendly, with a simple setup process that can be completed directly from the user profile screen.

= Features =

* TOTP-based two-factor authentication for WordPress
* Compatible with Google Authenticator, Authy, Microsoft Authenticator, and other TOTP apps
* QR code-based setup
* Backup recovery codes to prevent lockouts
* No SMS, email, or external services required
* Lightweight and performance-friendly
* Works with the default WordPress login flow
* Fully free to use

= Privacy =

Cloudusk 2FA does not send any data to external services. All authentication is handled locally within your WordPress installation.

== Installation ==

1. Upload the plugin files to the `/wp-content/plugins/cloudusk-2fa` directory, or install the plugin directly from the WordPress Plugins screen.
2. Activate the plugin through the "Plugins" screen in WordPress.
3. Go to your WordPress user profile.
4. Follow the on-screen instructions to enable two-factor authentication using your authenticator app.

== Frequently Asked Questions ==

= Which authenticator apps are supported? =
Any app that supports TOTP (RFC 6238), including:
* Google Authenticator
* Authy
* Microsoft Authenticator
* 1Password

= Does this plugin use SMS or email codes? =
No. Cloudusk 2FA uses TOTP generated by authenticator apps and does not rely on SMS or email.

= What happens if I lose my phone? =
During setup, the plugin provides backup recovery codes that can be used to regain access if you lose your authenticator device.

= Is this plugin free? =
Yes. Cloudusk 2FA is completely free to use.

= Will this plugin slow down my website? =
No. The plugin is lightweight and only runs during the login process.

= Is this plugin compatible with WordPress Multisite? =
Yes, Cloudusk 2FA is compatible with WordPress Multisite.

== Screenshots ==

1. Two-factor authentication setup screen
2. Backup recovery codes screen
3. Enter code from 2FA app to enable it screen
4. Settings to specifiy 2FA requirement for differenet roles screen

== Changelog ==

= 0.0.1 =
* Initial release
* TOTP-based two-factor authentication
* QR code setup
* Backup recovery codes

== Upgrade Notice ==

= 0.0.1 =
Initial release.