Dotlayer
  • News
  • Startups
  • Tutorials
  • SEO
  • Marketing
  • Interviews
No Result
View All Result
Dotlayer
  • News
  • Startups
  • Tutorials
  • SEO
  • Marketing
  • Interviews
No Result
View All Result
Dotlayer
No Result
View All Result

WordPress Security: How to Enable Two-Factor Authentication For WordPress

June 30, 2017
in Tutorials
0 0
Share on FacebookShare on Twitter

With all the current news about hackers gaining access to websites and computers, it’s a good time to re-evaluate the security of your website. There are a couple of ways that your website can be vulnerable to hackers.

Aside from hacker executing malicious from a PHP or Apache exploit (which in most cases can be prevented by using a CDN), a hacker can use a brute-force attack to gain login access to your website by a valid username and password.

One of the commonest ways that most modern companies use to protect their websites these days is the use of Two-Factor Authentication. High-traffic websites like Facebook and Google have added this option and it has protected their users from several attacks. By using Two-Factor Authentication (2FA) even if someone stole your password, they will need to enter a security code from your phone to gain access so it will render the hack useless.

What is Two Factor Authentication, also known as 2FA,

Two Factor Authentication, which is also referred to as 2FA or two-step verification or TFA (as an acronym) or multi-factor authentication, is an added layer of security that requires a physical token or code that only the user has access to in addition to the username or password. By using the username and password together with this piece of information that only the user knows, it becomes substantially more difficult for potential intruders to gain access and steal that person’s personal data or identity.

For most current users, the physical token used in Two Factor Authentication is either a phone call where the user gets a code, a text message or an app that returns a one-time valid code.

How to enable 2FA in WordPress,

There are two plugins that allow you to enable Two-Factor Authentication in WordPress:

  • Two Factor
  • Two Factor SMS

You need to download and install these 2 WordPress Plugins, once you have successfully installed the plugins, visit the plugins WordPress plugin dashboard and activate them.

Due to the fact that the plugins require a user to be sent a text message, you need to enable the SMS API platform called Twilio to allow you to use them. Once you activate the plugin, you will need to provide your Twilio account information.

Twilio is an API platform that offers phone, voice messaging, and SMS services to use with your own applications. They also have a limited free plan which would be sufficient for our purpose of setting up 2FA. At this point, if you don’t have a Twilio account visit the Twilio website and create your free account.

Once you visit Twilio, create a free account and enable the Programmatic SMS option. This will allow your WordPress instance send API calls to the SMS API and allow you to send verification codes to your phone.

Once you have finished the setup at Twilio, you can then copy your account number, API keys and SID codes to WordPress. When all this is accomplished, you can now log out from your WordPress site to see the plugin in action. If you log out before setting up Twilio you might not be able to log back in.

On the login screen, first, you will provide your WordPress username and password. After that, you will receive an SMS notification on your phone, and you will be asked to enter the code you received like in the diagram below:

After you enter the SMS code, you will be able to access your WordPress dashboard. Whilst this method good, there are many cases that it might not work out as well. Especially when you are unable to receive text messages for some reason. We will be going into alternatives to text message based 2-factor authentication.

We hope this article will help you when thinking about securing your website. Also, feel free to reach out to one of our experts to talk about the best ways we can help you secure your website. If you enjoyed reading this article or it was a helpful resource, then please share it or leave a comment below and let us know what you think. You can also find us on Twitter and Facebook.

ShareTweetPin
Previous Post

A Comprehensive List of Animal Words to Use When Choosing the Perfect Domain Name

Next Post

20 WordPress Core Functions That Don’t Scale and How to Work Around Them

Next Post

20 WordPress Core Functions That Don’t Scale and How to Work Around Them

You might also like

Mint Linux vs Ubuntu: Which is Right For You?

Mint Linux vs Ubuntu: Which is Right For You?

March 12, 2022
Net Neutrality: What is it and Why Should You Care?

Net Neutrality: What is it and Why Should You Care?

March 12, 2022
Solid State Drives – Why You Should Buy One Today

Solid State Drives – Why You Should Buy One Today

March 12, 2022

Machine Learning Algorithms Every Beginner Should Know

January 25, 2022
What Is the log4j Vulnerability, log4shell, an Example Step-By-Step Exploit and How to Fixed It

What Is the log4j Vulnerability, log4shell, an Example Step-By-Step Exploit and How to Fixed It

December 11, 2021
Simple Video Call integration into Website with Jitsi

Simple Video Call integration into Website with Jitsi

May 26, 2020
  • Terms of Service
  • Privacy Policy
  • Careers

© 2021 Dotlayer.com

No Result
View All Result
  • About Us
  • Advertise
  • Blog
  • Careers
  • Contact
  • Contact Us
  • Get Featured
  • Home Layout 1
  • Home Layout 2
  • Home Layout 3
  • Privacy Policy
  • Security
  • Services
  • Subscribe To Dotlayer
  • Terms of Service
  • Write For Us

© 2021 Dotlayer.com

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In