=== Two-Factor Authentication (TOTP) for WooCommerce ===
Contributors: MTDEV
Tags: security, two-factor, authentication, woocommerce, login
Requires at least: 5.5
Tested up to: 6.8
Stable tag: 1.0
Requires PHP: 7.4
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html
Text Domain: two-factor-authentication-totp-for-woocommerce

Enhance the security of your WooCommerce store and WordPress admin area with Time-based One-Time Password (TOTP) two-factor authentication.

== Description ==
Enhance the security of your WooCommerce store and WordPress admin area with Time-based One-Time Password (TOTP) two-factor authentication. This plugin provides an extra layer of protection against unauthorized access by requiring users to verify their login attempts with a code generated by a TOTP authenticator app (like Google Authenticator).

== Important Notes ==
* WooCommerce Requirement: This plugin requires WooCommerce to be installed and active.
* Security Best Practice: Protect your database and FTP credentials. Loss of access to these is a significant security risk. This plugin adds a layer of security, but doesn’t replace proper security measures.
* No Breaking Changes: The plugin was designed to integrate smoothly with existing WordPress authentication processes.

== Key Features ==
* Two-Factor Authentication: Adds robust security to your WooCommerce store and WordPress admin area using TOTP.
* WooCommerce & WordPress Support: Works seamlessly with both WooCommerce and standard WordPress user accounts.
* Google Authenticator Compatibility: Designed to work with popular authenticator apps, primarily Google Authenticator (tested).
* Lightweight & Easy to Configure: Simple setup with minimal impact on performance.
* Recovery Keys: Provides recovery keys for users who lose access to their authenticator app, allowing them to regain access without requiring administrator intervention.

== Installation ==
1. Upload the '/two-factor-authentication-totp-for-woocommerce' folder to your WordPress `/wp-content/plugins/` directory.
2. Activate the plugin through the "Plugins" menu in your WordPress dashboard.

== Usage ==
* WooCommerce Customers: Users can activate TOTP authentication on their "My Account" page under the "Two-Factor Authentication" menu.
* WordPress Users & Administrators: Users can enable TOTP through the "Two-Factor Authentication" menu in their user profile (accessible via "Users -> Your Profile").
* Recovery Keys: Once activated, recovery keys are displayed (once only) and can be regenerated if needed.

== Frequently Asked Questions ==
* Does this plugin require external services?  
  No, it operates entirely within your WordPress environment.

* Which authenticator apps are supported?  
  This plugin is built using the standard TOTP algorithm (RFC 6238). It’s primarily tested with Google Authenticator, and should work with other TOTP-compatible apps like Authy, Microsoft Authenticator, and FreeOTP, but full compatibility cannot be guaranteed.

* Can administrators, editors, and other backend roles use TOTP?  
  Yes, administrators and all users with appropriate WordPress roles can enable TOTP.

* Does TOTP authentication stay if a user's role changes?  
  No. If a user's role changes, their TOTP authentication will be lost and they’ll need to reactivate it.

* Does TOTP authentication support new custom roles?  
  While new roles will follow WordPress’ role capabilities, the plugin should work with them.

* Are the plugin texts translatable?  
  Most front-end text is translatable using a plugin like Polylang via the String Translation option. If you encounter untranslated strings, please let us know.

== Changelog ==
= 1.0 =
* Initial Release: Includes core TOTP authentication functionality for WooCommerce customers and all WordPress users.