How to Enable WordPress Two-Factor Authentication
access_time
hourglass_empty
person_outline

How to Enable WordPress Two-Factor Authentication

In this tutorial, you will learn how to enable WordPress two-factor authentication. Let’s check it out!

What Is WordPress Two-Factor Authentication?

Two-Factor Authentication or 2-Step-Verification is a great way to add an extra layer of security to your WordPress website. It secures your site against password theft, phishing, and even brute-force attacks. It makes it impossible for anyone else to access your admin panel without a unique code.

In other words, even if someone manages to guess your password, they’d still need another piece of information sent to your mobile device.

Enabling WordPress Two-Factor Authentication

The easiest way to enable Two-Factor Authentication (2FA) is through a plugin called Google Authenticator. Firstly, log in to your WordPress dashboard and install the plugin.

Once the plugin is installed and activated, there a few things you need to do to set it up:

  1. Go to the Settings -> Google Authenticator.
  2. Change the settings as needed. In this example, we’re enabling 2FA for sites’ administrators and editors.Changing Google Authenticator settings for WordPress user roles
  3. Once done, press Save Changes then head back to Installed Plugins. You’ll be redirected to another settings page with a QR code scan.Verifying Google Authenticator code in WordPress
  4. Download the Google Authenticator app on your phone and scan the QR code.
  5. Insert the generated code on your phone in the Authenticator Code field and verify it.
  6. That’s it! You have successfully enabled WordPress Two-Factor Authentication for your site.

Next time you log in to your WordPress, you’ll be asked to provide the code on your phone.

ProTip! Remember that the code on the mobile app changes every 30 seconds, so we strongly recommend keeping the app installed.

Disabling WordPress Two-Factor Authentication

If you lost your phone or have no other way of accessing your WordPress Dashboard, you can easily disable the plugin by using the File Manager or an FTP client.

You will need to navigate to wp-content -> plugins and rename the plugin folder by putting the word disabled separated by an underscore ( _ ).

Disabling Google Authenticator Hostinger's File Manager

It will immediately deactivate the plugin for your WordPress account. If you want to re-activate it, set the name to the original value and it will work again.

Conclusion

There you have it! By following this guide, you have learned how to enable WordPress two-factor authentication for your WordPress site with a free Google Authenticator plugin. Now, even if someone gets a hold of your password, you don’t need to worry. Culprits won’t be able to get in without the generated code that changes every few seconds.

The Author

Author

Gediminas B. / @gedziuzzz

Gediminas was a passionate content writer and SEO geek at Hostinger. He started his journey at customer support and aims to use his gathered knowledge to create the most epic content the world has ever seen. From WordPress to server management, there's no topic he can't cover! He also likes cats.

Related tutorials

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Become a part of Hostinger now!

More in WordPress
How to Add PHP Code to WordPress Post or Page

Close