background img
Jun 14, 2020
113 Views
0 0

How to Add Two Factor Authentication in WordPress

Written by

Today in this article I will show you how to enable two-factor authentication in WordPress site for free.

Two-factor authentication adds extra security (two-step verification) to your WordPress login page and protects your site from Brute Force attacks.

In Brute Force attacks, hackers guess your site password and username and hack your site. But two-factor authentication adds an additional security layer to your site’s login page.

For example, if the hacker also finds your password and username, he will need a secret code, which will only be on your phone.

Why Two-Factor Authentication is Important

WordPress is a very popular CMS. Due to this, hackers target it more than other CMS. I do not say that other platforms are more secure than WordPress. According to W3Techs, 32.0% of websites are made by WordPress, which is why WordPress has more attacks.

Two-factor authentication enables a two-step verification process on your WordPress site in which you need a password and a secret code that you can text (SMS), phone call, or time-based one-time password to your cell phone. (TOTP).

WordPress 2-factor authentication is the best way to secure websites from brute force attacks.

How to Add WordPress Two-Factor Authentication

There is no option to set Two-Factor Authentication by default in WordPress. For this, you will need a third-party plugin.

WordPress.org has several plugins that allow two-factor authentication (2FA) to be added to the login page. Here I have made a list of some of the best two-factor authentication WordPress plugins that you can use.

I will use two plugins to add 2 step verification to the WordPress login page.

  1. Google Authenticator – WordPress Two Factor Authentication Plugin
  2. Google Authenticator

So let’s start…

1. Using Google Authenticator – WordPress Two Factor Authentication Plugin

First, install and activate the Google Authenticator plugin on your WordPress site. After the plugin is activated, it will add a new menu item to your WordPress dashboard with miniOrange 2-factor. Just click on it. This will take you to the settings page of the plugin.

miniOrange

In this page, you can choose Authentication methods according to your requirement.

  •  QR Code Authentication
  • miniOrange Soft Token
  • miniOrange Push Notification
  • Google Authenticator
  • Security Questions

Here I will use Google Authenticator to add two-step verification to the WordPress login page. Just click the Configure button of Google Authenticator.

Authenticator

Now a popup box will open. Here you have to enter your password and email. If you have an account, click SIGN IN.

password

You can enter your mail and password and then click on the continue button

On the next page, it will ask you to install the Google Authenticator app on your mobile.

Set-up-Google

Open the App / Play Store on your phone and search the Google Authenticator app. After installing the application, open it and scan the barcode.

The app will generate a temporary code which you have to enter in the Verify and Save box on the right. The code refreshes after every minute. So you do not have to memorize the code.

verification

Then click on the Verify and save button. This will show you a message with 2FA Setup Successful.

successful

Now how to enable two-factor authentication prompt on the WP login page.

Very easy, just navigate to the mini oranges setup two-factor tab and check the box 2FA prompt on the WP Login Page.

Two Factor Authentication

congratulation! You have successfully enabled two-step verification on your website. Logout from your site and check it.

Your login page will now look like this.

Two Factor Authentication

2. Using Google Authenticator

Google Authenticator is the most popular WordPress plugin to add two-step verification to your WordPress login page. Its setup is very easy.

First, install and activate the Google Authenticator plugin on your website. After activating the plugin, click on Users >> Profile and scroll to the Google Authenticator section.

Click on Show / Hide QR code here. This will show the QR code, which you need to scan through the Google Authenticator app.

Two Factor Authentication

It will show a secret code on your phone which refreshes every minute.

Now you can go to the Google Authenticator setting and check the active box and click on update profile.

active-box

Now, log out of your site. When you go to the login page, you will see an additional Google Authenticator code field.

Which plugin would you use to add 2-factor authentication to your WordPress site? What do you think about this tutorial? I would love to hear.
If this article has proved to be helpful for you, then do not forget to share it!

Also Read:-

Article Categories:
WordPress · WordPress Tricks and Tips

Leave a Reply

Your email address will not be published. Required fields are marked *


The maximum upload file size: 300 MB.
You can upload: image, audio, video, document, text, other.
Links to YouTube, Facebook, Twitter and other services inserted in the comment text will be automatically embedded.