How To Improve The Security Of A WordPress Website By Setting Up Two Factor Authentication.

Two-Factor Authentication is a good way to improve the security to any WordPress website. It makes it more difficult for attackers to gain access to your wordpress website through brute-force attacks among many other threats. Even if an attacker were to crack your site password they still have to have the verification unique code that only accessible from your mobile phone. Continue reading this tutorial to learn how to setup and enable two factor authentication (2FA) on any wordpress website.

Requirements.

In order to complete this tutorial successfully the following items are required. Please ensure to have these items available before taking implimentation action on this tutorial:
1) Administrative access to a wordpress website
2) The Google Authenticator wordpress plugin.
3) The Twilio wordpress plugin.

Overview.

1) 
2)
3) 

Step One: Install The Google Authenticator Plugin And Mobile App.

1)  Open any web browser and login to the WordPress administration dashboard and search for “GOOGLE AUTHENTICATOR” on the search bar. 

There are many google authenticator plugins available on wordpress, and you may choose any other plugin. However it is recommended to choose a plugin that has been tested with your version of wordpress.

On this tutorial the “GOOGLE AUTHENTICATOR” plugin from miniOrange is used.

 

2) On the wordpress dashboard click on the miniOrange 2 factor option and select the “TWO FACTOR” tab. On the GOOGLE AUTHENTICATOR option click on the configure button.

You will be asked to register an account with miniorange, enter an email address and password on the appropriate sections and click on “NEXT”

Take note of and save the CUSTOMER ID, TOKEN KEY AND API KEY.

 

3) The next step is to download the google authenticator app on the google play store if you are using an android phone or on the app store if you are using an iPhone.

Alternatively the AUTHY AUTHENTICATOR app or LASTPASS AUTHENTICATOR app can be used.

4) Next, add the miniOrange account to the google authenticator app by scanning the QR code on the “TWO FACTOR” tab. If you cannnot scan the QR code due to a mulfunctioning camera or due to low light conditions simply tap on the “ENTER A PROVIDED KEY” option.

Type in an account name and the miniOrange  secret key on the “YOUR KEY” text input box.Make sure that Time-based is selected and click on “ADD”.