Email-based 2FA: How to confirm that your website can send emails
Before you start using 2-factor email authentication on your WordPress site, you'll need to verify you can receive emails. This verifies your site can send emails and that your account can receive emails sent from your site.
Important: You might experience email deliverability issue. This is a major problem for site admins.
Shield calls the standard WordPress function for sending email. It does nothing more. The reliable sending of email on a WordPress site is the responsibility of the site. If a site isn't configured to properly send emails, it can work for a while, it can work for some emails and not others, and it can stop working at any time.
It's highly recommended to assess your email deliverability on your WordPress site by using a dedicated and properly configured email system such as the one we personally use - Postmark.
How to confirm that your website can send emails
When you go to the Login Protection Zone > 2FA: Email > and click to Enable Email Authentication option for the first time, verification email will be sent and you'll see the admin notice on the 2FA page.
Please note that this email will be sent to the email address of the site, outlined in this admin notice.
If for some reason you need to resent this verification email or you want to disable 2FA by email, you may do so directly from within admin notice.
To resend verification email, just click "Resend verification email" link. To disable 2FA by email, click ""Disable 2FA by email" link.
To confirm that your site can send emails, simply go to your inbox (email address of your site) and click the verification link in the email you received.
The email subject will be "[your-site-name] Email Sending Verification".
Important: If you get a warning that the link has already expired, please ensure that, when you're click the link, it is opening up in the same browser where you're logged into that WordPress site and turned on the feature.
Note: To enforce users for email authentication, you'll need to list the user roles first.
For a complete step-by-step guide on how to set-up email-based 2FA, read the article here.