How to Enable WordPress Two-Factor Authentication

In this tutorial, you will learn how to enable WordPress two-factor authentication. Let’s check it out!

What Is WordPress Two-Factor Authentication?

Two-Factor Authentication or 2-Step-Verification is a great way to add an extra layer of security to your WordPress website. It secures your site against password theft, phishing, and even brute-force attacks. It makes it impossible for anyone else to access your admin panel without a unique code.

In other words, even if someone manages to guess your password, they’d still need another piece of information sent to your mobile device.

Enabling WordPress Two-Factor Authentication

The easiest way to enable Two-Factor Authentication (2FA) is through a plugin called Google Authenticator. Firstly, log in to your WordPress dashboard and install the plugin.

Once the plugin is installed and activated, there a few things you need to do to set it up:

1. Go to the Settings -> Google Authenticator.
2. Change the settings as needed. In this example, we’re enabling 2FA for sites’ administrators and editors.
3. Once done, press Save Changes then head back to Installed Plugins. You’ll be redirected to another settings page with a QR code scan.
4. Download the Google Authenticator app on your phone and scan the QR code.
5. Insert the generated code on your phone in the Authenticator Code field and verify it.
6. That’s it! You have successfully enabled WordPress Two-Factor Authentication for your site.

Next time you log in to your WordPress, you’ll be asked to provide the code on your phone.

Disabling WordPress Two-Factor Authentication

If you lost your phone or have no other way of accessing your WordPress Dashboard, you can easily disable the plugin by using the File Manager or an FTP client.

You will need to navigate to wp-content -> plugins and rename the plugin folder by putting the word disabled separated by an underscore ( _ ).

It will immediately deactivate the plugin for your WordPress account. If you want to re-activate it, set the name to the original value and it will work again.

Conclusion

There you have it! By following this guide, you have learned how to enable WordPress two-factor authentication for your WordPress site with a free Google Authenticator plugin. Now, even if someone gets a hold of your password, you don’t need to worry. Culprits won’t be able to get in without the generated code that changes every few seconds.