miniOrange 2-factor Authentication (2FA with SMS, Email, Google Authenticator)

Anuradha has been great at assisting us with the plugin setup and answering our questions promptly. Everything is working as expected and the customer service is top notch. Thank you again!

qlemar06

March 11, 2026

|

My paywalled weblog was hacked and nearly wrecked.  At which point, I realized that I needed to trim down on the paths in (too many different intermediary login options), as well as to prevent “brute force” and to ward off anonymous scumbags and their throwaway/fake email addresses, by way of 2FA. The guys at miniOrange patiently worked with me to integrate 2FA while overcoming the longtime technical debt inherited from my paywall’s creation by a committed but totally non-professional (and long gone) webmaster.  At my request, they created a module (which, somehow, they did not offer previously) to allow for subscriber-initiated changes to an already-selected 2FA OTP delivery method; hopefully this will be of use to many more of their own customers, going forward.  They are clearly eager to work with their customers for a bespoke solution, as needed, at a VERY reasonable rate—which is fortunate, as my guess is that most solutions will require some custom integration over the base service fee.  Also, despite the time zone difference, for a U.S. customer they are quite easy to work with, very flexible and accommodating, in the (U.S. ET) morning or late evening or both.  I am SO GLAD that I found miniOrange, and I wish them continued growth and all possible success!!!

dreizinreport

November 19, 2025

|

I discussed with the team that there is a hack allowing tokens to be sent without going through the login screen. As long as the user does not accept the login tokens, the overall security has held, but this is a vulnerability. Today Vikas and I hopped on a call to review this activity and he agreed the attackers are bypassing the login process somehow. He confirmed that his team will begin working on this immediately. I feel their response was slower than necessary but am now convinced they are addressing the right concerns.

awfominaya

November 6, 2025

|

3 replies

Anuradha has been great at assisting us with the plugin setup and answering our questions promptly. Everything is working as expected and the customer service is top notch. Thank you again!

qlemar06

March 11, 2026

|

My paywalled weblog was hacked and nearly wrecked.  At which point, I realized that I needed to trim down on the paths in (too many different intermediary login options), as well as to prevent “brute force” and to ward off anonymous scumbags and their throwaway/fake email addresses, by way of 2FA. The guys at miniOrange patiently worked with me to integrate 2FA while overcoming the longtime technical debt inherited from my paywall’s creation by a committed but totally non-professional (and long gone) webmaster.  At my request, they created a module (which, somehow, they did not offer previously) to allow for subscriber-initiated changes to an already-selected 2FA OTP delivery method; hopefully this will be of use to many more of their own customers, going forward.  They are clearly eager to work with their customers for a bespoke solution, as needed, at a VERY reasonable rate—which is fortunate, as my guess is that most solutions will require some custom integration over the base service fee.  Also, despite the time zone difference, for a U.S. customer they are quite easy to work with, very flexible and accommodating, in the (U.S. ET) morning or late evening or both.  I am SO GLAD that I found miniOrange, and I wish them continued growth and all possible success!!!

dreizinreport

November 19, 2025

|

I discussed with the team that there is a hack allowing tokens to be sent without going through the login screen. As long as the user does not accept the login tokens, the overall security has held, but this is a vulnerability. Today Vikas and I hopped on a call to review this activity and he agreed the attackers are bypassing the login process somehow. He confirmed that his team will begin working on this immediately. I feel their response was slower than necessary but am now convinced they are addressing the right concerns.

awfominaya

November 6, 2025

|

3 replies

OTP Verification on your Registration Form need premium account

paknejad

April 28, 2025

|

1 reply

Anuradha has been great at assisting us with the plugin setup and answering our questions promptly. Everything is working as expected and the customer service is top notch. Thank you again!

qlemar06

March 11, 2026

|

My paywalled weblog was hacked and nearly wrecked.  At which point, I realized that I needed to trim down on the paths in (too many different intermediary login options), as well as to prevent “brute force” and to ward off anonymous scumbags and their throwaway/fake email addresses, by way of 2FA. The guys at miniOrange patiently worked with me to integrate 2FA while overcoming the longtime technical debt inherited from my paywall’s creation by a committed but totally non-professional (and long gone) webmaster.  At my request, they created a module (which, somehow, they did not offer previously) to allow for subscriber-initiated changes to an already-selected 2FA OTP delivery method; hopefully this will be of use to many more of their own customers, going forward.  They are clearly eager to work with their customers for a bespoke solution, as needed, at a VERY reasonable rate—which is fortunate, as my guess is that most solutions will require some custom integration over the base service fee.  Also, despite the time zone difference, for a U.S. customer they are quite easy to work with, very flexible and accommodating, in the (U.S. ET) morning or late evening or both.  I am SO GLAD that I found miniOrange, and I wish them continued growth and all possible success!!!

dreizinreport

November 19, 2025

|