TWO-FACTOR AUTHENTICATION
Two-factor authentication (2FA)?strengthens the security of online account access (authentication) by making users provide two distinct forms of mandatory user identification. This prevents hackers from accessing private user information easily by enhancing overall security.?
Two-Factor Authentication (2FA) works by adding additional login credentials – beyond username and password – to gain account access. Getting the second credential requires access to something that belongs solely to the user, without which it’s impossible to enter the user account. This additional security effectively makes it impossible for hackers to access an account using only stolen login/password information.
HOW TO SET UP TWO FACTOR AUTHENTICATION FOR WORDPRESS?
To enable 2FA for WordPress, you need to install an additional plugin called?WP 2FA. If you run a multi-user WordPress website such as a membership site, then this plugin allows you to enable or enforce two-factor authentication for all the users on your site.
Step 1: Install the WP 2FA Plugin?
Here’s how you can install the WP 2FA plugin:
From the?Add Plugins?page (shown below), click on?Choose File?button and upload the zip file you saved to your local computer.
Step 2: Configure the Admin Panel To Enable 2FA
Step 3: Configuring 2FA On User Dashboard
On their very next login, users will see a message (as given below) before they can start viewing the dashboard.
The plugin will now ask you to choose an authentication method. It comes with two options (app or email), but it is recommended to choose the?authentication via app method, as it is more secure and reliable.
领英推荐
The plugin will now show you a QR code which you need to scan using an authenticator app (for example, google authenticator app). An authenticator app is a smartphone app that generates a temporary one-time password for the accounts that you save in it. The authenticator app will now save your website account, and it will start showing one-time passwords that you can use to log in.
The plugin will now ask you to verify your one-time password. Click on your account in the authenticator app, and it will show you a six-digit one-time password that you can enter.
After that, the plugin will give you an option to generate and save the backup codes. These codes can be used in case you don’t have access to your phone. It is advisable to print these backup codes and put them somewhere safe. You can exit the setup wizard after these steps.
Note: Users can access the dashboard only if they have set up the 2FA as suggested above.
On the next login, the user will be asked for an authentication code (in addition to password) as below.
CONCLUSION
Two-factor authentication is an add-on security system that requires two distinct forms of identification in order to access something. WP2FA is the most recommended plugin to enable multi-factor authentication in WordPress as it is easy to use and maintains security. Even non-technical users can set up this plugin if they follow the step-by-step instructions given in this document.
About the Author
Sreedevi J S?| Cloud DevOps Engineer | Cloud Control
Are you planning to move your business to?CLOUD?rapidly? Using our migration platform AppZ customers are moving to?CLOUD?RAPIDLY!
Get in touch with?CloudControl?for a consultation and feel free to contact us at:?[email protected].
Would you like to have a deep dive into AppZ?
Feel FREE to?book a 60 minutes deep dive session with us here.
Visit us:?www.ecloudcontrol.com