Benchmarks
Plugin footprint 82% from 16 tests
Installer Passed 1 test
🔺 Critical test (weight: 50) | Verifying that this plugin installs correctly without errors
This plugin's installer ran successfully
Server metrics [RAM: ▲2.08MB] [CPU: ▲8.78ms] Passed 4 tests
A check of server-side resources used by WP 2FA - Two-factor authentication for WordPress
This plugin does not affect your website's performance
| Page | Memory (MB) | CPU Time (ms) |
|---|---|---|
| Home / | 4.89 ▲1.44 | 46.49 ▲4.54 |
| Dashboard /wp-admin | 5.64 ▲2.34 | 61.19 ▲7.78 |
| Posts /wp-admin/edit.php | 5.66 ▲2.31 | 63.91 ▲11.53 |
| Add New Post /wp-admin/post-new.php | 8.13 ▲2.24 | 111.48 ▲11.27 |
| Media Library /wp-admin/upload.php | 5.56 ▲2.33 | 55.07 ▲19.32 |
| /wp-admin/index.php?page=wp-2fa-setup | 5.44 | 43.69 |
| Settings /wp-admin/admin.php?page=wp-2fa-settings | 5.50 | 46.51 |
| Premium Features ➤ /wp-admin/admin.php?page=wp-2fa-premium-features | 5.47 | 44.70 |
| 2FA Policies /wp-admin/admin.php?page=wp-2fa-policies | 5.69 | 50.96 |
| Help & Contact Us /wp-admin/admin.php?page=wp-2fa-help-contact-us | 5.47 | 46.22 |
Server storage [IO: ▲2.54MB] [DB: ▲0.01MB] 67% from 3 tests
Input-output and database impact of this plugin
It is recommended to fix the following issues
- Illegal file modification detected: 1 file (4.42KB) outside of "wp-content/plugins/wp-2fa/" and "wp-content/uploads/"
- (modified) wp-config.php
Filesystem: 294 new files
Database: no new tables, 10 new options
| New WordPress options |
|---|
| db_upgraded |
| wp_2fa_settings_hash |
| wp_2fa_policy |
| can_compress_scripts |
| wp_2fa_plugin_version |
| widget_recent-comments |
| widget_recent-posts |
| theysaidso_admin_options |
| wp_2fa_default_settings_applied |
| widget_theysaidso_widget |
Browser metrics Passed 4 tests
A check of browser resources used by WP 2FA - Two-factor authentication for WordPress
This plugin has a minimal impact on browser resources
| Page | Nodes | Memory (MB) | Script (ms) | Layout (ms) |
|---|---|---|---|---|
| Home / | 2,915 ▲158 | 13.27 ▼1.54 | 1.60 ▼0.32 | 41.32 ▲2.11 |
| Dashboard /wp-admin | 2,321 ▲133 | 4.85 ▼0.03 | 100.47 ▼9.38 | 44.15 ▼4.04 |
| Posts /wp-admin/edit.php | 2,204 ▲112 | 2.05 ▼0.01 | 41.18 ▼0.14 | 37.38 ▲2.05 |
| Add New Post /wp-admin/post-new.php | 1,563 ▲29 | 23.02 ▼0.19 | 586.13 ▼48.87 | 59.22 ▼0.28 |
| Media Library /wp-admin/upload.php | 1,504 ▲119 | 4.28 ▲0.09 | 98.54 ▼2.11 | 47.08 ▲1.33 |
| /wp-admin/index.php?page=wp-2fa-setup | 233 | 1.87 | 25.01 | 24.52 |
| Settings /wp-admin/admin.php?page=wp-2fa-settings | 1,123 | 2.25 | 37.85 | 32.21 |
| Premium Features ➤ /wp-admin/admin.php?page=wp-2fa-premium-features | 1,461 | 2.41 | 30.00 | 58.22 |
| 2FA Policies /wp-admin/admin.php?page=wp-2fa-policies | 1,771 | 2.60 | 50.80 | 39.22 |
| Help & Contact Us /wp-admin/admin.php?page=wp-2fa-help-contact-us | 1,536 | 9.63 | 280.26 | 60.77 |
Uninstaller [IO: ▲0.00MB] [DB: ▲0.01MB] 75% from 4 tests
🔸 Tests weight: 35 | All plugins must uninstall correctly, removing their source code and extra database tables they might have created
Please fix the following items
- Zombie WordPress options detected upon uninstall: 10 options
- wp_2fa_policy
- db_upgraded
- theysaidso_admin_options
- widget_recent-posts
- wp_2fa_settings_hash
- can_compress_scripts
- wp_2fa_plugin_version
- widget_theysaidso_widget
- wp_2fa_default_settings_applied
- widget_recent-comments
Smoke tests 75% from 4 tests
Server-side errors Passed 1 test
🔹 Test weight: 20 | This is a shallow check for server-side errors
Even though everything seems fine, this is not an exhaustive test
SRP 50% from 2 tests
🔹 Tests weight: 20 | It is important to ensure that your PHP files perform no action when accessed directly, respecting the single-responsibility principle
Please fix the following
- 112× PHP files trigger server-side errors or warnings when accessed directly (only 10 are shown):
- > PHP Fatal error
Uncaught Error: Interface 'WP2FA_Vendor\\BaconQrCode\\Renderer\\Path\\OperationInterface' not found in wp-content/plugins/wp-2fa/vendor/bacon/bacon-qr-code/src/Renderer/Path/Curve.php:6
- > PHP Parse error
syntax error, unexpected 'private' (T_PRIVATE), expecting variable (T_VARIABLE) in wp-content/plugins/wp-2fa/vendor/khanamiryan/qrcode-detector-decoder/lib/Common/Reedsolomon/ReedSolomonDecoder.php on line 44
- > PHP Fatal error
Uncaught Error: Class 'WP2FA_Vendor\\Zxing\\Binarizer' not found in wp-content/plugins/wp-2fa/vendor/khanamiryan/qrcode-detector-decoder/lib/Common/GlobalHistogramBinarizer.php:33
- > PHP Fatal error
Uncaught Error: Interface 'WP2FA_Vendor\\DASPRiD\\Enum\\Exception\\ExceptionInterface' not found in wp-content/plugins/wp-2fa/vendor/dasprid/enum/src/Exception/IllegalArgumentException.php:7
- > PHP Parse error
syntax error, unexpected 'private' (T_PRIVATE), expecting variable (T_VARIABLE) in wp-content/plugins/wp-2fa/vendor/khanamiryan/qrcode-detector-decoder/lib/LuminanceSource.php on line 31
- > PHP Fatal error
Uncaught Error: Interface 'WP2FA_Vendor\\Zxing\\Reader' not found in wp-content/plugins/wp-2fa/vendor/khanamiryan/qrcode-detector-decoder/lib/Qrcode/QRCodeReader.php:34
- > PHP Fatal error
Uncaught Error: Interface 'WP2FA_Vendor\\DASPRiD\\Enum\\Exception\\ExceptionInterface' not found in wp-content/plugins/wp-2fa/vendor/dasprid/enum/src/Exception/ExpectationException.php:7
- > PHP Fatal error
Uncaught Error: Class 'WP2FA_Vendor\\Endroid\\QrCode\\Writer\\AbstractWriter' not found in wp-content/plugins/wp-2fa/vendor/endroid/qr-code/src/Writer/BinaryWriter.php:13
- > PHP Parse error
syntax error, unexpected ')', expecting '|' or variable (T_VARIABLE) in wp-content/plugins/wp-2fa/vendor/khanamiryan/qrcode-detector-decoder/lib/BinaryBitmap.php on line 124
- > PHP Fatal error
Uncaught Error: Class 'WP2FA_Vendor\\MyCLabs\\Enum\\Enum' not found in wp-content/plugins/wp-2fa/vendor/endroid/qr-code/src/ErrorCorrectionLevel.php:23
- > PHP Fatal error
User-side errors Passed 1 test
🔹 Test weight: 20 | A shallow check that no browser errors were triggered
Everything seems fine on the user side
Optimizations
Plugin configuration 93% from 29 tests
readme.txt Passed 16 tests
The readme.txt file is important because it is parsed by WordPress.org for the public listing of your plugin
6 plugin tags: two-step authentication, two-factor authentication, 2fa, 2-factor authentication, multi-step authentication...
wp-2fa/wp-2fa.php 85% from 13 tests
"WP 2FA - Two-factor authentication for WordPress" version 2.5.0's main PHP file describes plugin functionality and also serves as the entry point to any WordPress functionality
The following require your attention:
- Description: Keep the plugin description shorter than 140 characters (currently 171 characters long)
- Requires PHP: The required version number must match the one declared in readme.txt ("7.2.0" instead of "7.2")
Code Analysis Passed 3 tests
File types Passed 1 test
🔸 Test weight: 35 | A short check of programming languages and file extensions; no executable files are allowed
Everything looks great! No dangerous files found in this plugin24,872 lines of code in 247 files:
| Language | Files | Blank lines | Comment lines | Lines of code |
|---|---|---|---|---|
| PHP | 235 | 2,728 | 12,548 | 23,713 |
| JSON | 1 | 0 | 0 | 644 |
| JavaScript | 5 | 79 | 64 | 413 |
| SVG | 2 | 2 | 1 | 95 |
| CSS | 4 | 0 | 0 | 7 |
PHP code Passed 2 tests
An short overview of logical lines of code, cyclomatic complexity, and other code metrics
This plugin has no cyclomatic complexity problems
| Cyclomatic complexity | |
|---|---|
| Average complexity per logical line of code | 0.40 |
| Average class complexity | 16.76 |
| ▷ Minimum class complexity | 1.00 |
| ▷ Maximum class complexity | 202.00 |
| Average method complexity | 3.52 |
| ▷ Minimum method complexity | 1.00 |
| ▷ Maximum method complexity | 73.00 |
| Code structure | ||
|---|---|---|
| Namespaces | 47 | |
| Interfaces | 19 | |
| Traits | 1 | |
| Classes | 211 | |
| ▷ Abstract classes | 9 | 4.27% |
| ▷ Concrete classes | 202 | 95.73% |
| ▷ Final classes | 105 | 51.98% |
| Methods | 1,500 | |
| ▷ Static methods | 645 | 43.00% |
| ▷ Public methods | 1,218 | 81.20% |
| ▷ Protected methods | 27 | 1.80% |
| ▷ Private methods | 255 | 17.00% |
| Functions | 54 | |
| ▷ Named functions | 26 | 48.15% |
| ▷ Anonymous functions | 28 | 51.85% |
| Constants | 193 | |
| ▷ Global constants | 15 | 7.77% |
| ▷ Class constants | 178 | 92.23% |
| ▷ Public constants | 95 | 53.37% |
Plugin size Passed 2 tests
Image compression Passed 2 tests
PNG files should be compressed to save space and minimize bandwidth usage
15 PNG files occupy 0.23MB with 0.11MB in potential savings
Potential savings
| Compression of 5 random PNG files using pngquant | |||
|---|---|---|---|
| File | Size - original | Size - compressed | Savings |
| dist/images/wp-2fa-white-icon20x28.png | 0.79KB | 1.16KB | 0.00% |
| dist/images/password-policy-manager.png | 8.19KB | 3.95KB | ▼ 51.79% |
| dist/images/wp-white-security.png | 8.80KB | 4.31KB | ▼ 51.05% |
| dist/images/wp-2fa-square.png | 28.64KB | 13.47KB | ▼ 52.97% |
| dist/images/okta-logo.png | 9.00KB | 1.93KB | ▼ 78.60% |