Nowadays, security is a primary concern for all the users that uses the Internet. From Online banking to email accounts, having an extra layer of security is always a something everyone should consider.
If you are a tech enthusiast, who read lots of articles on a daily basis. You may often come across the word two-factor authentication. So first, let’s see what the heck it means 😛
What is two-factor authentication?
According to Wikipedia: Two-factor authentication (also known as 2FA) is a method of confirming a user’s claimed identity by utilising a combination of two different components.
What it means is that one cannot log in just with your email/username and password combination like traditional login. The tradition login is followed by another authentication. It may be an OTP (One Time Password) that you receive on your mobile phone or email. It may be some random numbers generated by the app at a different time or any other method. Therefore adding an extra layer of protection to your blog.
Steps to setup Two-Factor authentication on a WordPress Blog
Multiple plugins are having the support of various apps that can be used to enable two-factor authentication on your WordPress blog. Let’s discuss some of the best plugins that you can begin with:
Like us, if you are a fan of Google Products then we are sure that you will go with this method. If you haven’t heard of it yet, then let’s describe it in brief.
Google Authenticator is one of the best Android apps which generates access code every minute for the place where you already setup two-factor authentication. And the great part is that it is offline so no one can steal your access code, and it can be accessed when you are not connected to the internet. All you need to do is to scan a QR code to set it up.
Surprising Fact: It was released on September 20, 2010. That’s a long time ago.
So let’s get started on how to do so:
- Download & install Two-Factor Authentication plugin from WordPress Repository. (Download Link)
- Now install the Google Authenticator app on your mobile.
- Go to plugin settings and scan the QR Code. Verify whether the code displayed on your blog is same as shown on your phone.
- If yes, then activate the two-factor authentication.
- To check whether it works or not. Logout and login again to the WordPress dashboard. You will see something like:
- If yes, the open the authenticator app on your phone and enter the six digit code you see there.
MiniOrange 2 Factor Authentication
The other plugin that provides a similar facility is named miniOrange 2-factor authentication. It offers many additional features, but it uses an API to connect to its services. Let’s see how to configure it:
- First of all download and install miniOrange 2-factor authentication from WordPress repository. (Download Link)
- Go to the plugin settings and fill up the necessary details to signup and begin setting up the plugin.
- In the free plan, you will get up to one user plan.
- There are several ways in which you can enable two-factor authentication.Email Verification: You will receive an email when you log in to your WordPress dashboard. Login will only be successful if you verify by clicking the link in the email.
OTP Over SMS: This is a premium feature where you will receive a one-time password on your registered mobile number to login to WP dashboard.
Phone Call Verification: Also a premium feature where you will hear Computer voice telling the OTP.
Soft Token: Random 6 digit code generated by the miniOrange app on your smartphone.
QR Code Authentication: You will have to scan the QR code on your mobile using the miniOrange app.
Push Notification: You will receive a push notification to accept or deny the login request on your smartphone. (Similar to the one that Google Provides while logging into Google account)
Google Authenticator: Already discussed earlier.
Authy two-factor authentication: Similar to Google authenticator but a different smartphone app.
Security Questions: Hope you know it! 😀
- That’s a lot of options that you can configure on your blog and honestly it is great.
So these were the two of the best free WordPress plugins you can use on your WordPress blog to make it more secure. If you have any more plugins in mind, then do let us know in the comment section below.
If you liked this post (How to Setup Two-Factor Authentication on a WordPress Blog), then don’t forget to share it with your friends on Facebook and Twitter.
Also if you have any query or problem while setting up the plugins then let us know. We will be glad to help you out.