Green Clook

WordPress and Two Factor Authentication (2FA)

Unfortunately we often see WordPress websites compromised due to weak or insecure passwords. A way to tighten security is to combine WordPress and Two Factor Authentication (2FA).

Two Factor Authentication adds an extra layer of protection to enhance the security of online accounts. Once enabled you will not only use your username and password to access an account but also a secondary identifier such as a security token or a biometric factor such as a fingerprint. The most common 2FA process is the security token method and this involves downloading an App such as Google Authenticator (Available on Google Play & the App Store). Once paired you will be prompted for a 6/8 digit security code when attempting to log in.

Here I will detail how to enable WordPress and Two Factor Authentication…


Log into your WordPress back office.


Navigate to Plugins > Add New.


Search for ‘Google Authenticator’ then install and activate the plugin titled ‘Google Authenticator – WordPress Two Factor Authentication (2FA)‘.

WordPress and Two Factor Authentication (2FA)


Once installed, navigate to the newly created option on the side menu – ‘miniOrange 2-Factor’.

miniOrange 2-Factor


You will be asked to select an authentication method. To use Google Authenticator you should download this app to a device that you will have with you when you wish to login to your WordPress back office in the future.

Once you have Google Authenticator set up you will need to select this option from the plugin admin page:

Google Authenticator and WordPress


The first step of configuration is to log in to Authenticator or to create a new account. Once logged in the set up page is displayed where you should select your device type. Instructions are provided on how to link your WordPress login with Google Authenticator. It involves scanning a QR Code and inputting a generated verification code:

Enabling 2 Factor Authentication


Once the code is provided and verified a new page will open and a confirmation message will display showing it was successful. You should now add a tick to the checkbox : Enable 2FA prompt on the WP Login Page:

Website Security 2FA


The next time you attempt to log-in you will notice an extra box to the wp-admin page:

2FA and WordPress

You should use the Google Authenticator app and input the code shown:


Finally, click Log In and provided the details are entered correctly you will gain access to your WordPress admin area.

As you can see, enabling WordPress and Two Factor Authentication is a great way to increase security for your website…

Did you know…

At Clook, one of our specialisms is providing WordPress hosting, if you’d like to find out more, please get in touch with us.

About The Author

Scott is a UX Designer and Developer at Clook. He’s passionate about UI Design, WordPress Development and Marketing.

Working on the creative, branding and marketing side of Clook. He's involved in creating a variety of digital and print designs for us.

Connect on Linkedin

Clook Logo

Get regular tips, tricks and updates!

Signup today for our awesome newsletter and recieve monthly emails with all sorts of helpful articles on hosting and web development.