Is WP 2FA not sending email notifications with the one-time password?
WP 2FA adds two-factor authentication to your login form and sends an OTP through email. Without these email notifications, you could get locked out of your website.
In this article, we’ll show you how to easily solve this email deliverability issue so that emails from WP 2FA always reach your inbox.
Why Am I Not Receiving My Two-Factor Email?
You’re likely not receiving two-factor authentication emails because they’re being filed in the spam folder. This is a super common problem with WordPress emails.
You can easily solve this by using the WP Mail SMTP plugin. WP Mail SMTP sends emails through a professional email provider instead of your web server. This adds authentication to your messages and helps to ensure they aren’t marked as spam.
In the tutorial below, we’ll show you how to set it up.
How to Fix WP 2FA Not Sending Email
In This Article
1. Check One-Time Code via Email Is Enabled
For WP 2FA to send codes via email, you need to make sure the email method is enabled in the plugin settings.
From the WordPress dashboard, go to Settings » Two-factor Authentication.
Under the 2FA settings tab, make sure there’s a checkmark next to the one-time code via email (HOTP) method.
If you have other methods enabled, that’s fine. It won’t stop the emails from being sent.
Let’s move on to check if we have the correct sender settings for sending OTP emails.
2. Check From Email and Name in WP 2FA Settings
One-time password emails could still go to spam if they are sent using the default WordPress email settings.
WordPress will either use the admin email or the default WordPress email ([email protected]) for sending notifications from WP 2FA. It’s good practice to change this to an email address from your domain.
To configure the email sender option, switch to the Email Settings and Template tab from the same WP 2FA settings page.
In the From email & name section, select the radio button that says Use another email address and type in the From Email you want to use.
Now, scroll down the page and save the settings for the changes to take effect.
Now let’s install WP Mail SMTP to make sure the emails arrive.
3. Install the WP Mail SMTP Plugin
WP Mail SMTP is hands down the best SMTP plugin for WordPress. It connects your website to a 3rd party email service that adds authentication to your messages.
To download the plugin, log in to your WP Mail SMTP account and click the orange button under the Downloads tab to get the latest version of the plugin file.
Switch to your WordPress dashboard and go to the plugins page. Here, upload the file you just downloaded to install the plugin.
If you are new to WordPress or don’t know how to upload a plugin file, you might want to check out this guide on installing a WordPress plugin.
Once the plugin is installed, be sure to activate it. As soon as you do that, the plugin’s Setup Wizard will start in your browser.
Let’s work through the steps in the Wizard.
4. Choose a Mailer Service
Now it’s time to choose a mailer that will handle the outgoing emails from your WordPress site. To begin, click the Let’s Get Started button.
WP Mail SMTP supports several 3rd party mailers. What you choose here will depend on the type of website you have.
Some mailers like SendLayer and Brevo (formerly Sendinblue) have a free plan that you can use to get started. You can upgrade to a paid account later.
You can check out our guide to learn more about each mailer that WP Mail SMTP supports.
Each email service has different steps to set up an account. You can click the below link to open the documentation page and follow the steps.
| Mailers available in all versions | Mailers in WP Mail SMTP Pro |
|---|---|
| SendLayer | Amazon SES |
| SMTP.com | Microsoft 365 / Outlook.com |
| Brevo | Zoho Mail |
| Google Workspace / Gmail | |
| Mailgun | |
| Postmark | |
| SendGrid | |
| SparkPost | |
| Other SMTP |
If you want to set up multiple mailers, you can do so in the Additional Connections settings once you’ve finished the Setup Wizard. Then you can select a Backup Connection and configure Smart Routing.
Switch back to this guide after you’ve established a connection and moved on to the next step.
5. Enable Email Logging
In the next step, the wizard will have two options enabled by default:
- Email deliverability
- Error tracking
If you have the Pro version of the plugin, you can enable the Detailed Email Logs. This will let you track every email that your website sends.
Enabling email logging also turns on Complete Email Reports. If you want to receive an overview of your logs each week, you can select the Weekly Email Summary here, too.
Instant Email Alerts let you know when your site fails to send an email so that you can fix the problem.
On the next screen, you can turn on advanced email logging features.
By default, the log will not include the email content, so you don’t have to worry about exposing the two-factor authentication codes.
If you want to store email content so you can resend emails, be mindful of the fact that your WP 2FA emails will be stored in your log. Check out how this works in our article on how to log your WordPress emails.
Finally, grab the license key from your WP Mail SMTP account and paste it into the box to enable Pro features and future updates.
And that’s it! You’ve done everything to fix WP 2FA not sending email. Registered users on your site will now be able to receive two-factor codes.
Next, Add More Security to Your Website
Adding two-factor authentication to your login form is a great way to add security to your website. But hackers can still try to break in by exploiting vulnerabilities in plugins or themes. You need an additional plugin that can secure your entire website against security threats such as brute force attacks.
You can check this guide that lists some of the best security plugins available for WordPress.
Ready to fix your emails? Get started today with the best WordPress SMTP plugin. WP Mail SMTP Elite includes full White Glove Setup and offers a 14-day money-back guarantee.
If this article helped you out, please follow us on Facebook and Twitter for more WordPress tips and tutorials.r
As of yesterday, I can not get access to the WordPress dashboard. oI’m able to sign.Waiting for the email Authentication Code for the 2-step process. I’m not getting the email code. Any advice?
Hi Sonia,
In your case, you can use your backup codes to access your WordPress backend.
Then, you need to check whether your WP Mail SMTP plugin is functioning correctly by sending a test email (WP Mail SMTP -> Tools).
If you don’t have backup codes, you may have to get in touch with WP 2FA support to recover your WordPress backend access.
I hope this helps. Thanks!
Hi Darshana
I installed a wp2fa on my website and I set it up with totp codes and email codes. However a shocking fact I realized was that this plugin when you log in with both methods configured, it does not give you an option to select to OTP or hotp (email).
What if the email server goes down? Then I will be stuck out of my site forever. As this plugin defaults to using the email as the primary 2fm at that even if you have 2fa code app.
I was under the impression that this application will let you pick email or totp, but it only lets you pick email. Do you know what I’m doing wrong here?
Hi Prafeen,
Thank you for your feedback! To address this issue, I suggest contacting the support team of the WP 2FA plugin. They would be the best resource to help you understand the configuration options and if there is a workaround or alternative method to prioritize the TOTP option alongside email.
In the meantime, you can also enable backup codes. If a user loses their phone or encounters issues with WordPress correctly routing emails, having a backup code can serve as a way for the user to regain access to their account.
I hope this helps. Thanks!