Make your CMS faster

Find Out More

Platform Optimised Hosting

Back to blog

WordPress and Two Factor Authentication (2FA)

Avatar photoScott Pollard19 September 2018

Unfortunately we often see WordPress websites compromised due to weak or insecure passwords. A way to tighten security is to combine WordPress and Two Factor Authentication (2FA).

Two Factor Authentication adds an extra layer of protection to enhance the security of online accounts. Once enabled you will not only use your username and password to access an account but also a secondary identifier such as a security token or a biometric factor such as a fingerprint. The most common 2FA process is the security token method and this involves downloading an App such as Google Authenticator (Available on Google Play & the App Store). Once paired you will be prompted for a 6/8 digit security code when attempting to log in.

Here I will detail how to enable WordPress and Two Factor Authentication…

1

Log into your WordPress back office.

2

Navigate to Plugins > Add New.

3

Search for ‘Google Authenticator’ then install and activate the plugin titled ‘Google Authenticator – WordPress Two Factor Authentication (2FA)‘.

WordPress and Two Factor Authentication (2FA)

4

Once installed, navigate to the newly created option on the side menu – ‘miniOrange 2-Factor’.

miniOrange 2-Factor

5

You will be asked to select an authentication method. To use Google Authenticator you should download this app to a device that you will have with you when you wish to login to your WordPress back office in the future.

Once you have Google Authenticator set up you will need to select this option from the plugin admin page:

Google Authenticator and WordPress

6

The first step of configuration is to log in to Authenticator or to create a new account. Once logged in the set up page is displayed where you should select your device type. Instructions are provided on how to link your WordPress login with Google Authenticator. It involves scanning a QR Code and inputting a generated verification code:

Enabling 2 Factor Authentication

7

Once the code is provided and verified a new page will open and a confirmation message will display showing it was successful. You should now add a tick to the checkbox : Enable 2FA prompt on the WP Login Page:

Website Security 2FA

8

The next time you attempt to log-in you will notice an extra box to the wp-admin page:

2FA and WordPress

You should use the Google Authenticator app and input the code shown:

Authenticator

Finally, click Log In and provided the details are entered correctly you will gain access to your WordPress admin area.

As you can see, enabling WordPress and Two Factor Authentication is a great way to increase security for your website…

Did you know…

At Clook, one of our specialisms is providing WordPress hosting, if you’d like to find out more, please get in touch with us.

Avatar photo
Scott Pollard

Digital Creative / Developer

Scott is the creative mind behind our digital presence, combining his skills in design and development to craft seamless online experiences. With a passion for innovative web design and a knack for solving complex coding challenges, Scott ensures that our digital platforms are both visually stunning and highly functional. When he's not coding or sketching new ideas, Scott enjoys exploring the latest tech trends and refining his skills in the ever-evolving digital landscape.

@clookinternet

Top-Notch Security with Imunify360 Keep your websites safe and secure with Imunify360.

Thinking of migrating your website? 🚀 might seem daunting, but with the right partner, it’s a breeze!

Dive into the powerhouse duo of cPanel & WHM and discover how they can streamline your web hosting and server management! 🌐🔧

We’ve boosted our website and blog’s performance to 90+ on Lighthouse and Google Page Speed Insights!