Online security is the most important issue for any website.There are thousands of website and everyday many websites are hacked or attacked for poo security.As WordPress is the the most popular platform it’s also has some risk to be hacked or attacked.So the security is a big issue for the owner.
To keep your site secure the first think is don’t use the default username and weak password.It’s the main reason behind your site get attacked.Always use a strong and unique password, rather than a common, easy to guess password.
Google offers you 2-Step Verification(two-factor authentication) for the security of your site.As usual you need a username and password to login but with Google 2-Step Verification you need to enter a 6 digit number after provide your username and password.If you enter the correct username and password but can’t provide the 6 digit number then you will not be able to log into your site.
If your password and user name get lost nothing to worry no one can access your account without the 6 digit number.
Google Authenticator WordPress Plugins
There are three free Google Authenticator plugins are available at the time of writing.All of this plugins features are same.Take a short look of them.
This plugin is created by Henrik Schack which has more than 10,000 active installs.The Google Authenticator plugin for WordPress gives you two-factor authentication using the Google Authenticator app for Android/iPhone/Blackberry.The two-factor authentication requirement can be enabled on a per-user basis. You could enable it for your administrator account, but log in as usual with less privileged accounts.
It was created by Julien Liabeuf and this plugin also uses the Google Authenticator app.The main features of this plugins are
- Adds 2-factor authentication to WordPress login page,
- Can be eanbled for each user independantly,
- Admin can force users to use 2FA (and limit the number of allowed logins without setting up 2FA). The use of 2FA can be forced for all users or for specific roles,
- Support applications passwords (with access log),
- If admin forces users to use 2FA, users who didn’t set it up will be reminded with a warning in their dashboard,
- Set any name you want to appear in the Google Authenticator app,
- Allow clock discrepancy (mins +/-)
This plugin modifies the way that Google Authenticator behaves so that only users who have it enabled are prompted for the token. If a user doesn’t have it enabled, then they’ll proceed directly to the Administration Panels; if they do have it enabled then they’ll be prompted to enter their 2FA code.
How to Install Google Authenticator on Your WordPress Website
At firs download the plugin and install it.After installing it’s time to setup the plugin.Activate the plugin and it will add a sub menu to the Setting options.
Let’s take a look of all the options of this plugin.
- Activate the Plugin
- Force Use
- Site Name
- Max Attempts
- Authorized Delay
Now Your task is to generate your secret and setup the mobile app.You can download the Google Authenticator mobile app from the following link.
Then go to your profile and search for “WP Google Authenticator Settings” section, and click the “Generate Key” button.The page will be reload and then click the get QR Code.And the last and final step is to flash the QR Code with the Google Authenticator app on your mobile device.
Tha’t all.With this easy and small process your site is protected with 2-factor authentication.