Security in Action
Enabling two-factor authentication adds an additional layer of security by requiring users to provide two forms of identification. These factors include something the user knows, such as a password, as well as something the user has, such as a phone or a laptop.
How to set up 2FA in WordPress
1. Install a two-factor authenticator app on your smartphone or laptop:
- Two-factor (2FA) authenticators provide the user with the second form of identification, usually in the form of a six-digit code, whenever the user logs in to their account.
- Recommended: Google Authenticator
2. Log in to your wp-admin account
3. Navigate to Users
4. Hover over yourself and click ‘2FA’
5. Either scan the QR code or enter the setup key into the authenticator app
- This will connect the user’s device to their login account and provide the necessary 6-digit code when attempting to sign in.
6. Download the recovery codes and store them somewhere secure:
- If the user is unable to access the 6-digit code from the authenticator app, the 4-digit recovery codes can be used to log in to their account and restart the 2FA activation process.
- Generate and download new codes if necessary
7. The authenticator app will display a 2FA code:
- Enter the code into the system and click ‘Activate’
8. Two-factor authentication should now be active on your account:
- Let’s test to make sure it works.
- Log out of your account and log back in using two-factor authentication.
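Steps 5 and 7 work because the setup key is a shared secret from which the app and the site each derive the same short-lived code. The sketch below is an added example, not code from the original page or from any WordPress plugin; it assumes the standard TOTP scheme (RFC 6238 with HMAC-SHA-1, a 30-second step and 6 digits) that Google Authenticator implements, and the setup key and the `totp`/`verify` names are constructed for illustration.

```python
import base64
import hashlib
import hmac
import struct


def totp(setup_key: str, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """Derive the code an authenticator app would display at unix_time."""
    # Setup keys are usually shown in spaced, mixed-case groups; normalise first.
    key_b32 = setup_key.replace(" ", "").upper()
    key_b32 += "=" * (-len(key_b32) % 8)            # restore stripped padding
    key = base64.b32decode(key_b32)
    counter = struct.pack(">Q", unix_time // step)  # 8-byte big-endian time step
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                         # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(setup_key: str, submitted: str, unix_time: int,
           window: int = 1, step: int = 30) -> bool:
    """Server-side check, tolerating `window` time steps of clock drift."""
    candidate = submitted.strip().encode("utf-8")
    ok = False
    for drift in range(-window, window + 1):
        expected = totp(setup_key, unix_time + drift * step, step).encode("utf-8")
        # Constant-time comparison; no early exit, so timing does not
        # reveal which time step matched.
        ok |= hmac.compare_digest(expected, candidate)
    return ok


# Constructed sample: the RFC 6238 test secret "12345678901234567890" in base32,
# formatted the way a setup key is typically displayed. Never reuse it for a real account.
SAMPLE_SETUP_KEY = "gezd gnbv gy3t qojq gezd gnbv gy3t qojq"

if __name__ == "__main__":
    now = 1111111109  # fixed timestamp from the RFC 6238 test vectors
    code = totp(SAMPLE_SETUP_KEY, now)
    print("app shows:", code)
    print("accepted one step later:", verify(SAMPLE_SETUP_KEY, code, now + 2))
    print("accepted with no drift window:", verify(SAMPLE_SETUP_KEY, code, now + 2, window=0))
```

A production verifier would also record the last accepted time step per user so that a captured code cannot be replayed inside the drift window.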
For more information regarding two-factor authentication: