We use two step verification to secure any web account including Gmail, Outlook and social media sites. It prevents hackers to access your account without giving verification code sent to your mobile.
Most of the current blogs are running on WordPress platform. Because of the increasing number of cyber attacks, WordPress has updated their password policy last year. They do everything to secure your contents and sites, but what about you ?
How much conscious you are, about the blog security ? Have you using any security plugins, or at least for login purposes that confirms your identity before signing in ?
There are several plugins designed for the purpose, but most of them came with limited functionality for free users. Thanks to Henrik Schack, who has developed a free plugin called Google Authenticator, to strengthen WordPress security.
Go to Plugins > Add New and search for ” Google Authenticator” plugin. Install and activate it.
Visit Users > Your Profile. Put tick mark on Active and Relaxed mode. Update the profile.
Install Authenticator app from your phone’s app store.
Click + icon on app’s screen, to add a new site. Point phone camera towards QR code displaying on the site. After finishing the scan, the said blog will be added to the verification enabled sites list of app.
You can add two step authentication to unlimited number of sites. Each user has to follow the above mentioned steps to activate the function.
Now you will be forcefully logged out from WordPress. New login screen will have one more field to enter the authenticator code.
Enter your username and password, as usually. Then go to Google Authenticator to generate the verification code.
Remember that, the code is valid for maximum 4 minutes (since you have activated Relaxed mode in step 2) after that it will be expired.