v2.5 is out now. Plus a new addon.

We have been working on a few major improvements for the past few months. A major chunk of those are out in v2.5. Plus we have a new Duo Security addon for dual authentication.

Two-Factor authentication – Email-based

You can now secure your admin panel with another layer of authentication with the new email based dual authentication. Once you login with your email + password, you will receive an email with a passcode. Only when you enter that passcode, will the panel be accessible. Alternatively, you will also be able click on a link in the email to login.

Authentication email

Two-factor authentication – Duo Security

Though email based dual authentication is much more secure that just logging in with your email + password combo, it is still vulnerable with the faint possibility of someone gaining access to your email. Traditionally, high security dual authentication, by banks for instance, was done by using physical tokens called fobs that users carry on their keychain.

Hardware token

Image Credit: Privacy Canada

But you don’t want to carry a fob for InfiniteWP in your keychain, do you? That is why we have integrated Duo Security with the admin panel. With Duo Security, your mobile phone is your hardware token. When you login, a request to approve that login will be sent to the Duo Security app on your mobile phone. Just tap to Approve or Deny the request. Easy peasy.

Authentication Methods

Mobile phone authentication request

What? Don’t have a smartphone? Seriously? Here you go. :p

Caveman Phone

There’s a way for you, caveman or cavewoman. Deter not.

Phone call: You can choose to authenticate the request via a call. Answer the call and press any key on your phone’s keypad to authenticate.

SMS Passcode: If you would prefer a SMS (What does that even mean?) over a call, you can send yourself a passcode via SMS. Just enter the passcode to enter the admin panel.

Calls and SMS will need telephony credits in your Duo Security account. Text messages to the US/Canada cost 1 credit and phone calls 2. With a free account, you will get 25 telephony credits every month.

Still need convincing why 2FA is important? Read this –

Check out the Duo Security addon here –


Killing tasks in process queue

Certain tasks take more time than expected and you would rather kill them than wait. This can be done now. Click on the kill icon next to the running task in the Process Queue or Activity Log.

Kill task

By killing the task, we will stop all further calls to WordPress sites. Calls that have already been initiated might bring back replies. If so, they will be updated in the panel.


Clearing Activity log & filtering

The database of panels with a large number of sites were getting clogged up with the activity log. You can now schedule to clear them automatically every 30, 60 or 90 days.

Auto clear log

A word of caution: Clearing the logs might affect the data for the Client Reporting addon. So, if you are using the client reporting addon, give enough time before clearing them.


You can now filter the log based on users and actions performed. And also delete the filtered logs.

Filter activity log by users

Filter activity log by actions

Send emails via SMTP

You can now send mails via an SMTP server rather than relying on the server mail function.

You can use Gmail’s SMTP too.

Email via SMTP

Note that Gmail’s SMTP relay service is not available with the legacy free edition of Google Apps. Personal account and Paid Google Apps users can use it.


Email based password resetting.

Though not a huge feature on its own, this is something that should have been part of the app a long time ago. You can now reset password for the admin panel via email and not by editing the database.


In-app communication

We now have a communication channel right inside the panel where we can send important news and updates.


Do let us know your thoughts about this update in the comments below.

Subscribe and get to know all you have to know about InfiniteWP and more. We will never ever send spam emails.