WP Rocket - WordPress Caching Plugin

How to Activate Two Step Authentication in WordPress For Free

Sharing is caring!

two step authentication wordpress

We use two-step verification to secure any web account including Gmail, Outlook and social media sites. It prevents hackers to access your account without giving verification code sent to your mobile.

Most of the current blogs are running on WordPress platform. Because of the increasing number of cyberattacks, WordPress has updated their password policy last year. They do everything to secure your contents and sites, but what about you?

How much conscious you are, about blog security? Are you using any security plugins or at least CAPTCHA plugins to prevent invalid login attempts?

Two-Step Authentication in WordPress

There are several plugins designed for the purpose, but most of them came with limited functionality for free users. Thanks to Henrik Schack, who has developed a free plugin called Google Authenticator, to strengthen WordPress security.

Read How to Enable Captcha on WordPress Login Page

Step 1

Go to Plugins > Add New and search for ” Google Authenticator” plugin. Install and activate it.

wordpress two-factor authentication


Step 2

Visit Users > Your Profile. Put a tick mark on Active and Relaxed mode. Update the profile.

wordpress two-factor authentication

Step 3

Install the Authenticator app from your phone’s app store.

Click + icon on app’s screen, to add a new site. Point phone camera towards QR code displayed on the site. After finishing the scan, the said blog will be added to the verification enabled sites list of app.

You can add two-step authentication to an unlimited number of sites. Each user has to follow the above-mentioned steps to activate the function.

Now you will be forcefully logged out from WordPress. The new login screen will have one more field to enter the authenticator code.

two step authentication wordpress

Enter your username and password, as usual. Then go to Google Authenticator to generate the verification code.

two step authentication wordpress

Remember that, the code is valid for maximum of 4 minutes (since you have activated Relaxed mode in step 2) after that it will be expired.

Read The 7 Best Two-Factor Authentication Plugins for WordPress in 2019