How To Improve The Security Of A WordPress Website By Setting Up Two Factor Authentication.
Two-Factor Authentication is a good way to improve the security to any WordPress website. It makes it more difficult for attackers to gain access to your wordpress website through brute-force attacks among many other threats. Two-factor authentication (2FA) is an extra step added to the log-in process, such as a code sent to your phone or a fingerprint scan, that helps verify your identity and prevent an attacker from accessing your private information. Even if an attacker were to crack your site password they still have to have the unique 2FA verification code to be able to complete the login process. There are many types. of two factor authentication 2FA and these include, HARDWARE TOKEN 2FA, SMS AND VOICE 2FA, SOFTWARE TOKENS FOR 2FA, 2FA PUSH NOTIFICATIONS, BIOMETRIC 2FA and USER LOCATION 2FA. Continue reading this tutorial to learn how to improve the security of a wordpress website by setting up two factor authentication (2FA) in a few simple steps. If you prefer watching a video tutorial, click on the “VIEW YOUTUBE TUTORIAL” button below.
In order to complete this tutorial successfully the following is a list of items that may be needed or required. Please ensure to have these items available before taking implementation action on this tutorial:
1) A registered domain name and a CPANEL hosting account.
2) Administrative access to a wordpress website
3) The Google Authenticator wordpress plugin.
4) The Twilio wordpress plugin.
Step 1: Install The Google Authenticator Plugin And Mobile App.
1) Open any web browser and login to the WordPress administration dashboard and search for “GOOGLE AUTHENTICATOR” on the search bar.
There are many google authenticator plugins available on wordpress, and you may choose any other plugin. However it is recommended to choose a plugin that has been tested with your version of wordpress.
On this tutorial the “GOOGLE AUTHENTICATOR” plugin from miniOrange is used.
2) On the wordpress dashboard click on the miniOrange 2 factor option and select the “TWO FACTOR” tab. On the GOOGLE AUTHENTICATOR option click on the configure button.
You will be asked to register an account with miniorange, enter an email address and password on the appropriate sections and click on “NEXT”
Take note of and save the CUSTOMER ID, TOKEN KEY AND API KEY.
3) The next step is to download the google authenticator app on the google play store if you are using an android phone or on the app store if you are using an iPhone.
Alternatively the AUTHY AUTHENTICATOR app or LASTPASS AUTHENTICATOR app can be used.
4) Next, add the miniOrange account to the google authenticator app by scanning the QR code on the “TWO FACTOR” tab. If you cannnot scan the QR code due to a mulfunctioning camera or due to low light conditions simply tap on the “ENTER A PROVIDED KEY” option.
Type in an account name and the miniOrange secret key on the “YOUR KEY” text input box.Make sure that Time-based is selected and click on “ADD”.