Q: Will this affect my developers working from home or in our remote office?
A: For developers or teams accessing from specific networks, we also offer office IP or VPN whitelisting for convenience. Let us know your IPs, and we’ll whitelist the IP from receiving the prompt.
Q: Will the 2FA prompt appear every time I log in to WordPress from Singapore?
A: To provide convenience for our local Singapore companies, you will not be prompted for 2FA when logging in from a Singapore IP address.
Q: Who will be prompted for 2FA?
A: Only users with the Administrator role will be prompted for 2FA. To clarify, roles such as Shop Manager, Customer, Subscriber, Contributor, Author, and Editor are not affected.
Q: Will I need to complete 2FA every time I log in?
A: No. Once you’ve logged in successfully, your IP will be added to a whitelist. Subsequent same user login from the same IP will bypass the 2FA prompt for 7 days.
Q: Will this 2FA protection affect my WordPress or break my website?
A: Not at all. This protection has been thoroughly tested for 6 months and will not interfere with your website’s performance, design, or functionality.
Q: If I am using third party system for scheduled post, will I be affected?
A: You will not be affected because third party system uses WP API access and token to remotely connect to your WordPress, the 2FA will not challenge them.
Q: What WordPress versions does this system support??
A: This system is implemented on WordPress version 5.6 and above.
Q: When will the 2FA protection be implemented?
A: This protection is currently live on 10% of our accounts, and the next 20% will start to go live on 1st May 2025. We target to complete the protection for all CLDY hosted WordPress by end September 2025.
Q: Do I have to pay for this protection?
A: CLDY is committed to providing stronger security for all our customers. This protection will be fully managed and maintained by CLDY, and it will remain free at no cost for as long as it remains viable.
Q: How do I know if my WordPress is covered with this protection?
A: If your hosting account contains a website built with WordPress CMS, CLDY WordPress 2FA system will be introduced automatically for added security.
Q: Do I need to do anything to get this protection?
A: No action is required on your end, it will be automatically protected.
Q: What email address will be used for 2FA email authentication?
A: The plugin uses the email address associated with your WordPress administrator account which you used to login.
Q: What if I don’t remember my WordPress admin email or my developer used the wrong email address for my admin login account?
A: No problem — contact us, and we’ll assist in updating and verifying the email address within your WordPress admin settings.
Q: What if I already have another 2FA plugin installed?
A: If you’re already using another 2FA plugin, there will be no conflict. Your existing solution will take precedence.
Q: Does this apply to addon domains?
A: Yes. The 2FA plugin will be applied to all WordPress installations under your account, including those on addon domains.
Q: Can I opt out?
A: You can opt out by contacting us, and we’ll exclude your cPanel account(s) from the 2FA protection.
Q: If I want to have this implemented earlier and faster, can it be done?
A: Let us know, and we’ll do our best to prioritise the rollout for your account.
Q: What should I do if I didn’t receive the 2FA email?
A: If you don’t receive the 2FA email within a few minutes, please check your spam or junk folder. If it’s not there, contact us and we’ll verify your admin email and help you regain access quickly.
Q: Will I get locked out if I change my IP or travel overseas?
A: No, you won’t be locked out. You’ll simply be prompted to complete the 2FA verification. As long as you have access to your admin email, you’ll be able to log in.
Q: What happens if my administrator account is shared among multiple people?
A: For better security and auditing, we recommend assigning individual logins with proper roles. If a shared admin is unavoidable, you can use a group email address for the admin user, and everyone in the email group will get the 2FA code.
