Title: OneCode Login Author: oaron Published: January 5, 2026 Last modified: January 5, 2026 --- Search plugins ![](https://s.w.org/plugins/geopattern-icon/onecode-login.svg) # OneCode Login By [oaron](https://profiles.wordpress.org/oaron/) [Download](https://downloads.wordpress.org/plugin/onecode-login.zip) * [Details](https://frp.wordpress.org/plugins/onecode-login/#description) * [Reviews](https://frp.wordpress.org/plugins/onecode-login/#reviews) * [Installation](https://frp.wordpress.org/plugins/onecode-login/#installation) * [Development](https://frp.wordpress.org/plugins/onecode-login/#developers) [Support](https://wordpress.org/support/plugin/onecode-login/) ## Description OneCode Login provides a modern, passwordless authentication experience for your WordPress site. Instead of traditional passwords, users receive a secure 6-digit verification code via email. #### Key Features * **Passwordless Authentication** – Users log in with just their email address * **6-Digit Verification Codes** – Secure, time-limited codes sent via email * **Rate Limiting** – Built-in protection against brute force attacks * **Request ID Binding** – Each code is bound to a specific login session for enhanced security * **Neutral Feedback** – Prevents user enumeration attacks by not revealing if an email exists * **Customizable** – Configure expiry times, cooldowns, and email templates * **Accessible** – Full keyboard navigation and screen reader support * **Gutenberg Block** – Easy to add login forms to any page * **Shortcode Support** – Use [onecode_login] anywhere * **wp-login.php Integration** – Optionally replace the default WordPress login #### Security Features * Cryptographically secure code generation * Configurable code expiry (default: 10 minutes) * Resend cooldown to prevent spam * IP-based and email-based rate limiting * Automatic lockout after failed attempts * Codes are single-use and invalidated after successful login #### Use Cases * Membership sites where password fatigue is an issue * Customer portals requiring simple authentication * Internal tools where security without complexity is needed * Any site wanting to improve user experience ## Screenshots * [[ * Admin settings page with all configuration options * [[ * Email input form for passwordless login * [[ * 6-digit verification code entry screen ## Blocks This plugin provides 1 block. * OneCode Login ## Installation 1. Upload the `onecode-login` folder to `/wp-content/plugins/` 2. Activate the plugin through the Plugins menu in WordPress 3. Go to Settings > OneCode Login to configure options 4. Add the login form using the [onecode_login] shortcode or Gutenberg block #### Shortcode Options * `redirect_to` – URL to redirect after successful login * `button_text` – Custom text for the send code button * `verify_text` – Custom text for the verify button Example: `[onecode_login redirect_to="/dashboard" button_text="Get Code"]` ## FAQ ### Does this replace password login completely? By default, no. OneCode Login works alongside traditional password login. However, you can enable the “Replace wp-login.php” option to use OneCode Login as the primary login method. ### What happens if the email does not arrive? Users can request a new code after the cooldown period (default: 60 seconds). Check your server email configuration if emails consistently fail to deliver. ### Is this secure? Yes. The plugin uses cryptographically secure random number generation, time-limited codes, rate limiting, and request binding to prevent various attack vectors. ### Can I customize the email template? Yes. Go to Settings > OneCode Login > Email tab to customize the subject and body of verification emails. You can use placeholders like {code}, {expires}, {site_name}, and {user_email}. ### Does it work with multisite? The plugin is designed for single-site installations. Multisite compatibility may be added in future versions. ### What if a user does not have an account? The plugin only allows existing users to log in. For security reasons, it does not reveal whether an email address has an account – users always see the same “check your email” message. ## Reviews ![](https://secure.gravatar.com/avatar/649d8bddb6156460ecb0ee0150168ee9d0d8573065bb564894c943d47a542501? s=60&d=retro&r=g) ### 󠀁[I really like this plugin. It has a lot of potential.](https://wordpress.org/support/topic/i-really-like-this-plugin-it-has-a-lot-of-potential/)󠁿 [painlessseo](https://profiles.wordpress.org/painlessseo/) March 2, 2026 The developer clearly understands real-world needs and built something that actually solves practical problems.Looking forward to the developer adding even more features in future updates.Thank you for making this plugin! [ Read all 1 review ](https://wordpress.org/support/plugin/onecode-login/reviews/) ## Contributors & Developers “OneCode Login” is open source software. The following people have contributed to this plugin. Contributors * [ oaron ](https://profiles.wordpress.org/oaron/) [Translate “OneCode Login” into your language.](https://translate.wordpress.org/projects/wp-plugins/onecode-login) ### Interested in development? [Browse the code](https://plugins.trac.wordpress.org/browser/onecode-login/), check out the [SVN repository](https://plugins.svn.wordpress.org/onecode-login/), or subscribe to the [development log](https://plugins.trac.wordpress.org/log/onecode-login/) by [RSS](https://plugins.trac.wordpress.org/log/onecode-login/?limit=100&mode=stop_on_copy&format=rss). ## Changelog #### 1.0.0 * Initial release * Passwordless login with 6-digit verification codes * Rate limiting and brute force protection * Customizable email templates * Gutenberg block and shortcode support * wp-login.php integration option * Full accessibility support ## Meta * Version **1.0.0** * Last updated **3 months ago** * Active installations **10+** * WordPress version ** 5.8 or higher ** * Tested up to **6.9.4** * PHP version ** 7.4 or higher ** * Language * [English (US)](https://wordpress.org/plugins/onecode-login/) * Tags * [authentication](https://frp.wordpress.org/plugins/tags/authentication/)[email](https://frp.wordpress.org/plugins/tags/email/) [login](https://frp.wordpress.org/plugins/tags/login/)[otp](https://frp.wordpress.org/plugins/tags/otp/) [passwordless](https://frp.wordpress.org/plugins/tags/passwordless/) * [Advanced View](https://frp.wordpress.org/plugins/onecode-login/advanced/) ## Ratings 5 out of 5 stars. * [ 1 5-star review ](https://wordpress.org/support/plugin/onecode-login/reviews/?filter=5) * [ 0 4-star reviews ](https://wordpress.org/support/plugin/onecode-login/reviews/?filter=4) * [ 0 3-star reviews ](https://wordpress.org/support/plugin/onecode-login/reviews/?filter=3) * [ 0 2-star reviews ](https://wordpress.org/support/plugin/onecode-login/reviews/?filter=2) * [ 0 1-star reviews ](https://wordpress.org/support/plugin/onecode-login/reviews/?filter=1) [Your review](https://wordpress.org/support/plugin/onecode-login/reviews/#new-post) [See all reviews](https://wordpress.org/support/plugin/onecode-login/reviews/) ## Contributors * [ oaron ](https://profiles.wordpress.org/oaron/) ## Support Got something to say? Need help? [View support forum](https://wordpress.org/support/plugin/onecode-login/)