a couple weeks ago, i suddenly couldn’t login to my blog. it didn’t give me any of the standard “you can’t login” messages, instead it gave me half a page of code that was only partially legible (to me), and no clue what happend or how to fix it. 😱
after a good deal of futzing around, and a few back-and-forths with the host provider, i figured out that it was because i had a 2FA plugin, set to auto-update, and WordFence, also set to auto-update. when WordFence added a 2FA feature which was activated by default (generally, a good thing), and auto-updated itself, it “auto-updated” itself right into the middle of a conflict with the 2FA plugin that was already there, and active. 😱
at the time, i figured that it would be easier to delete the 2FA plugin and use the feature provided by WordFence… so i deleted the 2FA plugin, and set up the 2FA feature provided by WordFence.
except that, unlike the 2FA plugin that was now deleted, WordFence’s 2FA feature only gives you the ability to set up an authenticator ONCE, and, after that, it “assumes” that you have an authenticator set up, so it doesn’t give you the ability to set up another one.
which i discovered today, when i tried to login using my phone, rather than the tablet on which i have set up the new 2FA set up. the result was that i entered the 6-digit code given to me by google authenticator, only to have it rejected… twice… and then i was banned from logging in TO MY OWN GODDAMN BLOG! 🤬
THIS is why the web designer DIDN’T set plugins to auto-update on Hybrid Elephant! 👍
after i used one of my emergency login codes, i set the plugins to NOT auto-update, re-installed the 2FA plugin that allows you to set up more than one iteration of the authenticator, and deleted, and re-installed the blog on the authenticator on BOTH my tablet and my phone…
whew… i think that’s everything… 😕