How to add two-factor authentication to your WordPress website

Home » Tutorials » Wordpress » How to add two-factor authentication to your WordPress website
Table of Contents

In one of my previous articles I showed you how to add an extra security layer to your WordPress website by hiding the login page. Today I will show you how to take this to the next level by adding a two-factor authentication to your WordPress admin dashboard.

How does the two factor authentication work?

How does it work? Two-factor authentication (FA) is a security process that requires two separate forms of identification to verify a user’s identity when they try to log in to an account. This adds an extra layer of security, making it much harder for unauthorized users to access an account, even if they know the password.

Two factor authentication process

Example of a Two-Factor Authentication Process: Step 1: You enter your username and password on the login page of your account. Step 2: The system checks your password. If correct, it moves on to the second step. Step 3: The system sends a one-time code to your mobile phone or generates a code through an authentication app. Step 4: You enter the code received on the next screen. Step 5: If the code is correct, you gain access to your account. If not, access is denied.

Step-by-step guide for adding two-factor authentication to your WordPress website

01 Login to your WordPress dashboard

So let’s make your website more secure! Login to your WordPress dashboard.

two-factor authentication wordpress

02 Click “Add New Plugin”

Navigate to the “Add New Plugin” section.

two-factor authentication wordpress

03 Click “Search Plugins”

Search for plugins by clicking on the “Search Plugins” field.

two-factor authentication wordpress

04 Fill “security optimizer”

Fill in “security optimizer”

two-factor authentication wordpress

05 Click “Install Now”

Install the selected plugin by clicking on “Install Now”.

two-factor authentication wordpress

06 Click “Activate”

Activate the installed plugin by clicking on “Activate”.

two-factor authentication wordpress

07 Click “Dashboard”

Access the plugin’s dashboard by clicking on “Dashboard”.

two-factor authentication wordpress

08 Click “Confirm”

You will be presented with a couple of data and marketing options. Click “Confirm” when you are ready with your selection.

two-factor authentication wordpress

09 Click “Manage Login”

Manage the login settings by clicking on “Manage Login”.

two-factor authentication wordpress

10 Install the Google Authenticator app

efore you activate the Two Factor Authentication, take your phone and install the Google Authen- ticator app. It will allow you to get the authentication code which will be needed to login to your WordPress website. The app is available for Android and IOs phones.

add two-factor authentication wordpress

11 Make sure the app is installed and working!

efore you dive into the world of double-layer security, make sure your authenticator app is installed and actually opens—because, trust me, trying to activate Two-Factor Authentication without a working app is like trying to lock your door with a spoon. If the app isn’t cooperating or refuses to install, well, consider yourself locked out of your WordPress website faster than you can say, “Where’s my backup plan?”

add two-factor authentication wordpress

12 Activate the two-factor authentication option

Enable the Two Factor Authentication on your WordPress website by switching the toggle.

add two-factor authentication wordpress

13 Click “Log Out”

Logout from the Dashboard by clicking on “Log Out” button.

add two-factor authentication wordpress

14 Confirm “log out”

Confirm that you want to logout.

add two-factor authentication wordpress

15 Log in to your WordPress Website

Go to your login page and enter your credentials. Click the Login button when ready.

two-factor authentication wordpress security

16 Two-factor authentication QR Code

On the next page you will see a QR code.

two-factor authentication wordpress security

17 Go to Scan QR code.

Open the Authenticator app on your phone press and the plus sign at the bottom right corner and then press “Scan a QR code”.

two-factor authentication wordpress security

18 Scan the QR code

The camera on your phone will activate and you have to scan the QR code displayed on your website.

two-factor authentication wordpress security

19 Your website and code

Your website will be added to the list in the app and there will be a code beneath it. You will be asked to enter this code every time your try to login to your WordPress admin dashboard.

two-factor authentication wordpress security

20 Fill in your code

Enter the code from the Authenticator app in your website.

two-factor authentication wordpress security

21 Do not challenge me option

If you do not want to use the Two Factor Authentication for a period of time you can mark the checkbox – Do not challenge me for the next 30 days.

two-factor authentication wordpress security

22 Click “Authenticate”

Complete the process by clicking on “Authenticate”.

two-factor authentication wordpress security

23 Confirm you have saved the restore codes

On the next screen you will see a few codes. Print them or save on a secure location. The will be needed in case you lose your phone or the authenticator app is uninstalled. Confirm you have saved the codes by marking the checkbox.

two-factor authentication wordpress security

24 Click “Continue”

Proceed by clicking on “Continue.

two-factor authentication wordpress security

25 Logged in

You will be logged in back to your WordPress dashboard.

two-factor authentication wordpress security