To safely login to WordPress admin generally you only need a username and password. If people knows your password they are absolutely going to mess with your website by making bad changes like delete your posts or reconfigure your website. With two factor authentication (2FA) it could prevent people to use your username and password.
For short, access to WordPress admin will be blocked, until you put the authentication code that has been sent to your phone. Two factor authentication is the best way to add extra security for your website. In this tutorial, you will learn how to activate two factor authentication for your WordPress website to safely login to wordpress.
What do you need?
Befor you start to the next step, Please make sure you have :
- Access to your WordPress admin dashboard
- Phone number
We recommend you to do a backup for your website The purpose here is to let you restore your website data if something wrong or fail in plugin installations.
Step 1 : Choose Plugin
There are some available two factor authentication you can use :
- Authy Two Factor Authentication
- Google Authenticator
- Clef Two-Factor Authentication
- Wordefenve Security
In this tutorial we will be using Authy Two Factor Authentication.
Step 2 : How to Safely Login WordPress Admin with Two Factor Authentication With Authy Plugin
- Log in to your wordpress admin.
- Next Chooose Plugin > Add New and type on authy . Click Install.
- After that activate the plugin by clicking on Activate button.
Step 3 : Creating Authy Account
After that plugin was installed, you need to take extra step to make your website security fully integrated.
- Firstly, you need to create Authy account to get API Key. Please fill up your data just like below with your private data.
- Choose Authy and click Get Started.
- Click Enable Two-Factor Authentication.
- Choose radio button ONCE PER COMPUTER to login without Authentication code for 30 days in other specific computer. Then click
- Please enter your phone number that you will be using to receive verification code from Authy and click Text me.
- Enter the code you received from Authy and click
- Now is time to create a name for your application. In this case we will create safely login to wordpress. If you are done, click Create App.
- Next click Setup App
- For the last step you need to copy the API Key and enter it to your WordPress plugin settings.
Step 4 : Configuring And Testing Authy Plugin for You to Safely Login to WordPress
- To make the plugin work, copy the API Key to WordPress admin Dashboard > Settings > Authy.
- If you have successfully copied the API Key, please click Users menu and activate Two-Factor Authentication for your user, just like below picture.
- After choosing users, please scroll down a little and click Enable/Disable Authy.
- Enter your phone number and click You will receive a message with code everytime you logged in to WordPress Dashboard.
- Now let’s try it by log out from your WordPress dashboard and re-login. Below is a screenshot of Authy asking you the verification code and you have to enter the correct code.
Step 5 : Disabling Two-Factor Authentication (Optional)
If you have lost your phone and you don’t have any idea to access your WordPress dashboard, you will be easily de-activating your plugin using File Manager or with FTP Client. Please go to wp-content folder > Plugins and just rename authy-two-factor-authentication folder.
For example, you can change it to authy-two-factor-authentication.disabled so you will be easily notice that Authy plugin was deactivated. If you want reactivate it, all you need to do is rename it back to normal.
With following this guide you have learned how to safely login to WordPress with activating Two-Factor Authentication. Now you will have nothing to worry if somebody knows your username and password to mess with your website. After activating plugin you will be asked for a code everytime you want to safely login to WordPress admin. You can also activate this feature for other users in your blog, like author or your editor. Authy Plugins are needed for you to safely login to wordpress without getting worried. Also there are still few plugins that allow you to safely login to wordpress admin dashboard with other method. But this plugin is best to get you safely login to wordpress dashboard.