We use two-step verification to secure any web account including Gmail, Outlook and social media sites. It prevents hackers to access your account without giving verification code sent to your mobile.
Most of the current blogs are running on WordPress platform. Because of the increasing number of cyberattacks, WordPress has updated their password policy last year. They do everything to secure your contents and sites, but what about you?
How much conscious you are, about blog security? Are you using any security plugins or at least CAPTCHA plugins to prevent invalid login attempts?
Two-Step Authentication in WordPress
There are several plugins designed for the purpose, but most of them came with limited functionality for free users. Thanks to Henrik Schack, who has developed a free plugin called Google Authenticator, to strengthen WordPress security.
Go to Plugins > Add New and search for ” Google Authenticator” plugin. Install and activate it.
Visit Users > Your Profile. Put a tick mark on Active and Relaxed mode. Update the profile.
Install the Authenticator app from your phone’s app store.
Click + icon on app’s screen, to add a new site. Point phone camera towards QR code displayed on the site. After finishing the scan, the said blog will be added to the verification enabled sites list of app.
You can add two-step authentication to an unlimited number of sites. Each user has to follow the above-mentioned steps to activate the function.
Now you will be forcefully logged out from WordPress. The new login screen will have one more field to enter the authenticator code.
Enter your username and password, as usual. Then go to Google Authenticator to generate the verification code.
Remember that, the code is valid for maximum of 4 minutes (since you have activated Relaxed mode in step 2) after that it will be expired.