Two-step verification to sign in wordpress - Technology tips

One of the wp-admin area admin security tips on wordpress is 2-step verification when logging into wordpress. In order to prevent the bad guys from logging in to the wordpress admin area, this article will show you 2-step verification in WordPress with Google Authenticator.

2-step verification when logging in wordpress

Note: Google Authenticator only works on iOS, Android, Windows Phone, webOS, PalmOS and BlackBerry devices. In other words, you will need your smartphone to log in to your site.

How it works?

Usually passwords can be cracked. If you are using the same password on multiple websites, leaking security on one account puts your other accounts at risk. People are usually lazy and they don't change their passwords even after they receive an email about a security compromise on a large website.

Yes, 2-step verification is the solution for that. Even if hackers know your WordPress username and password, they won't be able to access your site unless they have a time-limited random security code (provided by Google Authenticator).

Because your blog is directly connected to your mobile device, you will be the only one who has access to retrieve unique code for each login. The code expires in a short period of time for security purposes.

When we complete this tutorial, there will be an additional field on your WordPress login page like this to improve your WordPress security:

Login with Google Authenticator

How to add Google Authenticator in WordPress

The first thing you need to do is install the Google Authenticator application on your phone. We will use the app on iOS for the purpose of this tutorial, but the process is similar for other devices. You go to the App store and search for Google Google Authenticator. Download and install the application.

Now go back to your WordPress dashboard. We will revisit the Google Authenticator application after completing the installation on WordPress.

Please install and activate Google Authenticator plugin for WordPress.

In the WordPress menu, click Users »Your Profile . You should see Install Google Authenticator there.

2-step verification plugin

Active - If you check this box, that means your blog will now use Google Authenticator. (Check this box when you complete the entire setup)

Relaxed Mode - Usually your Google verification code expires every minute. Using relaxation mode will allow you to use a code for up to 4 minutes. We do not recommend turning this on unless you type very slowly. The code is only 6 characters long, so you should be able to do it in 1 minute.

Description and Secret Key - These options are pretty self explanatory. The description will act as your account name in the Google Authenticator application. Secret key is needed if you don't use QR code. Note: When using iPhone, you cannot have spaces in your description. If you add a space, the QR code may not work and you will need to use the key to enter information in our app manually.

Enable App Password - You only need this if you are using XML-RPC (remote publishing) on ​​your blog. This means the WordPress iOS or Windows Live Writer application. Remember, enabling that will reduce your overall login security, but if you really enjoy using remote publishing, then keep using it. Just enable this option and set the application password.

Now that we've configured the WordPress section, let's return to the Google Authenticator App on our iPhone. Click the Google Authenticator application icon and then click the + icon to add a new account.

You will be asked to scan the QR code or enter the key provided. You can get both of these from the Google Authenticator settings on your website.

Scan the barcode if your description has no spaces. Click Show QR code button in WordPress to see the QR code.

As soon as you scan a barcode or enter a Secret key, your WordPress blog description will appear in Google Authenticator. It will show you a random sequence of 6 digits with 1 minute counter next to it.

Now when you sign in, you'll see a two-step verification field that requires Google Authenticator code.

Login with Google Authenticator

This works for many blog authors as well. Each author has their own secret key, so they can put it on their device. What are you waiting for? Use 2-step verification on your blog to improve WordPress security.

Now your account has 2 layer security. even if others know your username and password, you cannot log in unless they have a verification code from Google Authenticator.

If you liked the article "Two-step verification to login wordpress" please comment below and share for everyone to read. Thank you for following the article. And if you want to copy the article, please cite the source: