So much have been said about site hacking and the best practices to protect WordPress blogs. I have personally published some articles about recent WordPress hack attempts and how to stay safe on this blog. But the truth is that any password can be cracked it’s just only a matter of time but with Google 2-step verification, you are surely adding another security layer to your site.
Today I want to teach you how I enabled Google 2-step verification on my WordPress blog – Netmediablog. But first let me explain to you how Google 2-step verification works. Whenever you want to login to the admin dashboard of your WordPress site, you will be required to enter your username and password as you normally used to do, then enter a random generated code from your phone.
Google 2-step verification will reduce the chances of your account being hacked since a random code will have to be generated every time you want to login to your dashboard. So even if someone knows your username and password, they still can’t have access to your dashboard since it is required they will enter the random generated code from your phone.
Enable Google 2-step verification on WordPress
Now let’s get started, this tutorial is a very simply and straight forward one, so follow the guide carefully to enable Google 2-step verification on your WordPress site.
First download and install the Google authenticator app on your smartphone/tablet (Android, iOS, Windows phone, Blackberry, PalmOS, webOS only). For the sake of this tutorial I will be using Android as the example.
Then install and activate the Google Authenticator plugin on your WordPress blog. Visit your WordPress account profile (Users > Your Profile) you will notice the addition of Google authenticator settings pane.
Next is to configure the Google authenticator settings according to your need. Check the “Active” checkbox to enable the Google 2-step verification on your WordPress blog or the “Relaxed mode” to enable a relaxed mode that will allow you to use the random generated code on your phone for up to 4 minutes.
Next is the description and secret key, just enter any description that will best describe your blog, in my case I simply entered the name of my blog there. Then copy the secret key and save it somewhere secure. Scan the generated QR code with your phone or enter the secret manually on your phone.
You may not need the rest part of the settings except you are using XML-RPC (remote publishing) on your blog. If you do then check the “Enable App password” checkbox and save your settings.
Launch the Google authenticator app you installed on your smartphone/tablet. Enter same description you entered on your profile page on the Google authenticator app on your smartphone and the secret key too.
Then choose the time-based type of key (this will generate ransom codes that will last just one minute before it expires) and tap on “Add” to save your Google authenticator app on your smartphone.
Next is to log out and re-login to your WordPress dashboard. Every time you want to login to your dashboard, after entering your username and password as usual, open the Google authenticator app on your phone and enter the 6-digits code and login. If you do not get the code correctly you won’t be able to login to your dashboard.
Now I hope you find this tutorial interesting and I recommend you enable Google 2-step verification on your WordPress blog today to stay safe. If you have any questions or contributions concerning this topic “How to enable Google 2-step verification on WordPress“, please use the comment section to share/ask.
If you have not subscribed to my RSS feed, I will also recommend you do so now so you won’t lose any of my interesting articles.