WordPress · masteradhoc · Mar 2, 2026 · Jul 11, 2024 · Jul 11, 2024 · Jul 12, 2024
diff --git a/class-two-factor-core.php b/class-two-factor-core.php
@@ -1065,37 +1065,57 @@ public static function login_html( $user, $login_nonce, $redirect_to, $error_msg
 		</form>
 
 		<?php
-		if ( $backup_providers ) :
-			$backup_link_args = array(
-				'action'        => $action,
-				'wp-auth-id'    => $user->ID,
-				'wp-auth-nonce' => $login_nonce,
-			);
-			if ( $rememberme ) {
-				$backup_link_args['rememberme'] = $rememberme;
-			}
-			if ( $redirect_to ) {
-				$backup_link_args['redirect_to'] = $redirect_to;
-			}
-			if ( $interim_login ) {
-				$backup_link_args['interim-login'] = 1;
+			$links = array();
+
+			if ( $backup_providers ) {
+				$backup_link_args = array(
+					'action'        => $action,
+					'wp-auth-id'    => $user->ID,
+					'wp-auth-nonce' => $login_nonce,
+				);
+				if ( $rememberme ) {
+					$backup_link_args['rememberme'] = $rememberme;
+				}
+				if ( $redirect_to ) {
+					$backup_link_args['redirect_to'] = $redirect_to;
+				}
+				if ( $interim_login ) {
+					$backup_link_args['interim-login'] = 1;
+				}
+
+				foreach ( $backup_providers as $backup_provider_key => $backup_provider ) {
+					$backup_link_args['provider'] = $backup_provider_key;
+					$links[] = array(
+						'url'   => self::login_url( $backup_link_args ),
+						'label' => $backup_provider->get_alternative_provider_label(),
+					);
+				}
 			}
-			?>
+
+			/**
+			 * Filters the links displayed on the two-factor login form.
+			 *
+			 * Plugins can use this filter to modify or add links to the two-factor authentication
+			 * login form, allowing users to select backup methods for authentication or provide documentation links.
+			 *
+			 * @since 0.16.0
+			 *
+			 * @param array $links An array of links displayed on the two-factor login form, each with `url` and `label` keys.
+			 */
+			$links = apply_filters( 'two_factor_login_backup_links', $links );
+		?>
+
+		<?php if ( ! empty( $links ) ) : ?>
 			<div class="backup-methods-wrap">
 				<p>
 					<?php esc_html_e( 'Having Problems?', 'two-factor' ); ?>
 				</p>
 				<ul>
-					<?php
-					foreach ( $backup_providers as $backup_provider_key => $backup_provider ) :
-						$backup_link_args['provider'] = $backup_provider_key;
-						?>
-						<li>
-							<a href="<?php echo esc_url( self::login_url( $backup_link_args ) ); ?>">
-								<?php echo esc_html( $backup_provider->get_alternative_provider_label() ); ?>
-							</a>
-						</li>
-					<?php endforeach; ?>
+				<?php
+					foreach ( $links as $link ) {
+						echo '<li><a href="' . esc_url( $link['url'] ) . '">' . esc_html( $link['label'] ) . '</a></li>';
+					}
+				?>
 				</ul>
 			</div>
 		<?php endif; ?>

diff --git a/readme.txt b/readme.txt
@@ -108,6 +108,7 @@ Here is a list of action and filter hooks provided by the plugin:
 - `two_factor_before_authentication_prompt` action which receives the provider object and fires prior to the prompt shown on the authentication input form.
 - `two_factor_after_authentication_prompt` action which receives the provider object and fires after the prompt shown on the authentication input form.
 - `two_factor_after_authentication_input`action which receives the provider object and fires after the input shown on the authentication input form (if form contains no input, action fires immediately after `two_factor_after_authentication_prompt`).
+- `two_factor_login_backup_links` filters the backup links displayed on the two-factor login form.
 
 == Frequently Asked Questions ==