So much have been said about site hacking and the best practices to protect WordPress blogs. I have personally published some articles about recent WordPress hack attempts and how to stay safe on this blog. But the truth is that any password can be cracked it’s just only a matter of time but with Google 2-step verification, you are surely adding another security layer to your site.
Today I want to teach you how I enabled Google 2-step verification on my WordPress blog – Netmediablog. But first let me explain to you how Google 2-step verification works. Whenever you want to login to the admin dashboard of your WordPress site, you will be required to enter your username and password as you normally used to do, then enter a random generated code from your phone.
Google 2-step verification will reduce the chances of your account being hacked since a random code will have to be generated every time you want to login to your dashboard. So even if someone knows your username and password, they still can’t have access to your dashboard since it is required they will enter the random generated code from your phone.
Enable Google 2-step verification on WordPress
Now let’s get started, this tutorial is a very simply and straight forward one, so follow the guide carefully to enable Google 2-step verification on your WordPress site.
First download and install the Google authenticator app on your smartphone/tablet (Android, iOS, Windows phone, Blackberry, PalmOS, webOS only). For the sake of this tutorial I will be using Android as the example.
Then install and activate the Google Authenticator plugin on your WordPress blog. Visit your WordPress account profile (Users > Your Profile) you will notice the addition of Google authenticator settings pane.
Next is to configure the Google authenticator settings according to your need. Check the “Active” checkbox to enable the Google 2-step verification on your WordPress blog or the “Relaxed mode” to enable a relaxed mode that will allow you to use the random generated code on your phone for up to 4 minutes.
Next is the description and secret key, just enter any description that will best describe your blog, in my case I simply entered the name of my blog there. Then copy the secret key and save it somewhere secure. Scan the generated QR code with your phone or enter the secret manually on your phone.
You may not need the rest part of the settings except you are using XML-RPC (remote publishing) on your blog. If you do then check the “Enable App password” checkbox and save your settings.
Launch the Google authenticator app you installed on your smartphone/tablet. Enter same description you entered on your profile page on the Google authenticator app on your smartphone and the secret key too.
Then choose the time-based type of key (this will generate ransom codes that will last just one minute before it expires) and tap on “Add” to save your Google authenticator app on your smartphone.
Next is to log out and re-login to your WordPress dashboard. Every time you want to login to your dashboard, after entering your username and password as usual, open the Google authenticator app on your phone and enter the 6-digits code and login. If you do not get the code correctly you won’t be able to login to your dashboard.
Now I hope you find this tutorial interesting and I recommend you enable Google 2-step verification on your WordPress blog today to stay safe. If you have any questions or contributions concerning this topic “How to enable Google 2-step verification on WordPress“, please use the comment section to share/ask.
If you have not subscribed to my RSS feed, I will also recommend you do so now so you won’t lose any of my interesting articles.
Scan WordPress for Vulnerabilities with these tools
How to become a good writer
Recent WordPress Hack Attempts and How to Stay Safe
How to add horizontal navigation bar to a blogger blog
10 Commandments of blogging
I am looking forward to having this app for non smartphone users. Is it available for Nokia Mobiles?
I agree that plugin authors should add their opinion of whether or not it’s ready for MultiSite.
No Munna it is not, it is only listed for the smartphones listed in the article.
Yes it is compatible with multisite as every author will have his one secret key to set up his own account.
Good Tutorial ! WordPress bloggers trying to install this 2 step verification security layer on their blogs will be able to complete this tasks in just few minutes through this awesome tutorial .
-Pramod
Thanks Pramod for your comment, i hope you have enabled it on your own blog?
Hey Nwosu,
This is a great way to put an extra layer of security around the blog. I’ll definitely give it a try but need to see how flawlessly it works on Windows phones.
You will definitely be glad you did.
This is a great app for smartphone user and blogger at the same-time, this plugin will definitely safe many bloggers from hacking disaster.
Thanks Adesanmi Adedotun for your awesome contribution, hope you have enabled the Google 2-step verification on your blog?
Hi Nwosu,
Great tip. It’s so important to protect yourself online. For Web entrepreneurs, your site or blog represents your livelihood. As a result, it is so important to take every possible safeguard. Thanks for sharing this critical information with the BizSugar community.
Thanks Heather, glad you found my article interesting to leave a comment on.