Comments on: WordPress plugin: One-Time Password

By: Marcel

Marcel — Fri, 13 Apr 2012 19:25:15 +0000

I still don’t understand what you want, sorry.

By: mariam

mariam — Fri, 13 Apr 2012 19:20:43 +0000

But let me just user admin User defined.
and choose another user?

By: mariam

mariam — Fri, 13 Apr 2012 19:04:18 +0000

Hello, you need to know, if I can plugin User defined for a user other than administrator, and as it should do, because it gives me the option to choose the user.

thank you very much

By: Marcel

Marcel — Fri, 13 Apr 2012 19:00:44 +0000

I am not sure what you mean, but the plugin is multi-user, so any WordPress user can login with his/her own OTP-codes.

By: mariam

mariam — Fri, 13 Apr 2012 18:51:34 +0000

Hello, I wonder if I can use a user subscriber instead of an administrator, and from where you have to change.

Gracias

By: Marcel

Marcel — Thu, 29 Dec 2011 13:20:49 +0000

This problem is most probably not specific to the One-Time Password plugin. Your hosting provider doesn’t allow writing in the folder /tmp, which the WordPress installer tries to do to install a plugin (but also when installing themes and the WordPress core itself).

You will have to ask support from your hosting provider for this.

By: Kenneth

Kenneth — Thu, 29 Dec 2011 13:12:38 +0000

When I try to install it – WordPress tells me:

Warning: file_exists() [function.file-exists]: open_basedir restriction in effect. File(/tmp//one-time-password.tmp) is not within the allowed path(s): (/var/www/web189/) in /var/www/web189/web/album/wp-includes/functions.php on line 2340


Warning: touch() [function.touch]: SAFE MODE Restriction in effect. The script whose uid is 10749 is not allowed to access /tmp owned by uid 0 in /var/www/web189/web/album/wp-admin/includes/file.php on line 177
Warning: is_writable() [function.is-writable]: open_basedir restriction in effect. File(/tmp) is not within the allowed path(s): (/var/www/web189/) in /var/www/web189/web/album/wp-includes/class-http.php on line 145

Warning: unlink() [function.unlink]: SAFE MODE Restriction in effect. The script whose uid is 10749 is not allowed to access /tmp owned by uid 0 in /var/www/web189/web/album/wp-admin/includes/file.php on line 50

How do I avoid this? I have no programming skills

By: Yurij

Yurij — Wed, 16 Nov 2011 16:54:22 +0000

Nice work, this plugin works fine, and OTPGen do. But only some seed works on OTPGen symbian. You have to try some couple of seed to make it work.

By: How to Secure Your WordPress Blog | Webvantix: Help for the Online … – secure wordpress

Fri, 15 Jul 2011 01:32:50 +0000

[...] One Time Password Enables we to login to WP with passwords that are current for one event only. [...]

By: Marcel

Marcel — Thu, 17 Feb 2011 09:07:48 +0000

The goal of this plugin is to login with one-time passwords.
Generating one-time random passwords for protected posts is too far from this goal, sorry.

By: Ricardo

Ricardo — Thu, 17 Feb 2011 05:10:56 +0000

Can you make this plugin work with protected posts.
I want users to access a protected post with a random password that i will send them via sms to use once.

By: ArMyZ

ArMyZ — Sun, 16 Jan 2011 10:01:31 +0000

Got it thanks

By: ArMyZ

ArMyZ — Sun, 16 Jan 2011 10:00:47 +0000

Thanks Marcel. I gave a shot with firebug and I noticed that a adwords stat plugin just interrupted the js chain. Now it works fine.
Thank you

By: Marcel

Marcel — Sun, 16 Jan 2011 08:57:59 +0000

The tools menu is for batch generating One-Time Passwords for other users.

By: Marcel

Marcel — Sun, 16 Jan 2011 08:53:25 +0000

I just tested with a user in the ‘Subscriber’ role with both MD5 and SHA1 algorithms without any problems. Maybe you have a conflicting plugin or a specific installation that is incompatible with the plugin. If you are willing to give me login details, I would like to debug this issue.

By: Marcel

Marcel — Sun, 16 Jan 2011 08:01:17 +0000

Sorry for the late reply, but I was traveling until yesterday. I didn't test it, but I guess you can achieve what you want by combining the One-Time Password plugin with the Force User Login or similar plugin. I guess you want to check the 'Disable normal login' option of the One-Time Password plugin in this case.

By: One Time Passwords For Wordpress Blog - Prevent Keyloggers Hacks

One Time Passwords For Wordpress Blog - Prevent Keyloggers Hacks — Fri, 14 Jan 2011 04:31:24 +0000

[...] the aspects of using the plugin, we have tested it and confirm that it works as described in the plugin author’s website. But be very careful before implementing the techniques and proceed only when you know what you are [...]

By: ArMyZ

ArMyZ — Thu, 30 Dec 2010 19:56:16 +0000

Hi, the good news is that it’s working great even on WP 3.0.4. The bad one is that it’s working only with admin account (that I usually I avoid to use). With admin starts from higher #sequence (49 than 48 and so on), with other users starts from 1 and everything I insert (but the wp clean password) isn’t accepted.
(I used SHA1 instead of MD5).
Last thing, I saw TWO different “One-Time Password” menu item: one you explained under settings and another with users list and a “generate” button under Tools.

Some hints?

Thanks and congrats,
A.

By: Troy

Troy — Mon, 20 Dec 2010 23:45:25 +0000

I am interested in using this plug-in but for a different purpose. We have a blog/website development for a client that requires we give a client a password to view the site, but once that password is used they cannot use it again. Basically securing the site from being shared to unauthorized viewers. Your plugin is exactly what I need with the exception being that I want to prevent access to the site itself unless a one-time password is entered. Can your code be modified to function this way? If not any ideas on what I can use to perform this functionality? Thanks and best regards, Troy

By: test « Fabiano Friedrich

test « Fabiano Friedrich — Sun, 26 Sep 2010 19:50:25 +0000

[...] This simple to use plugin enables you to login to your WordPress weblog using passwords which are valid for one session only. One-time passwords prevent stealing of your main WordPress password in less trustworthy environments, like internet cafés, for example by keyloggers. The one-time password system conforms to RFC 2289 of the Internet Engineering Task Force (IETF). Version 2 of this plu… By Marcel Bokhorst. [...]