How-to Add 2 Factor Authentication to WordPress

What is 2 Factor Authentication?

2 Factor Authentication or 2FA for short, adds another layer of security that requires not only the traditional username and password, but also a 6 digital number that is automatically generated on your mobile phone and changes every 60 seconds.  In this article we will be showing you how to add Google Authentication to your WordPress site.

Please note this article is aimed at confident experienced users and the steps listed are designed to provide you a general direction not a step by step guide.

Requirements

To get started, you will need access to a WordPress site (suggest using a test site first and ensure you have working backup copies before you begin), and a mobile phone (Android or iOS).

Lets Get Started

  1. First download the Google Authenticator mobile app for Android or iOS and setup your account.
  2. Next you’ll need to log into your WordPress website using an account with admin privileges.
  3. Download and activate the following Plugins.
    Google Authenticator by Henrik Schack
    Google Authenticator – Per User Prompt
  4. Go to Users and edit your profile.
  5.  Scroll down to the heading titled Google Authenticator Settings, and tick the box to ‘Activate’.
  6. Edit the description with the name of your site and click the ‘Show’Hide QR code’ button.
  7. Grab your phone and open the Google Authenticator app.  Click to add a new code and select the ‘Scan a barcode’ option.
  8. You should now see the site listed on the mobile app along with a time indicator before the code changes again.
  9. Don’t forget to click the ‘Update Profile’ button on your site to save the changes.

You can now log out and test out the new logon process.

2 factor authentication

If you ever find yourself stuck and unable to log in you can either update the user profile again and remove the tick from the ‘Activate’ option or if all else fails, you can FTP to your web host and delete or rename the Google Authenticator plugin(s).