Sunday, June 21, 2015

Make WordPress Site Secured With Google Authenticator

How to Enable Two Factor Authentication in WordPress using Google Authenticator?


You probably already know two-step verification from logging in to a Google account. The same security feature can be added to the WordPress login with Google Authenticator. This post is mainly a security tip and also a tutorial for WordPress users, so if you want to secure your WordPress account, let us go through the details.


What is two-step verification, and how does it work?


Generally, users enter a username and password to get into the WordPress Dashboard. This login system offers little security: an attacker can get into your WordPress dashboard without much effort, either by stealing your username and password or, if your password is too weak, by brute-forcing it.


With two-step verification, users are asked to enter a time-sensitive code, or one-time password (OTP), in addition to the usual login details (username and password). The time-sensitive code is generally generated by a dedicated mobile app.


We use Google Authenticator in our case. The app is developed by Google and is available for most mobile operating systems, such as Android, iOS, and BlackBerry.


You can also use Authy, which is also a good app. Its main advantage is that it can sync user profiles between a personal computer, phone and tablets.


Prerequisites before starting with Two Factor Authentication:


Download Google Authenticator, which is free of cost and can be installed from here.


Android: Play Store | Windows: Store | iPhone: How to Download? | BlackBerry: Apps

Running the application requires a mobile device with an active data plan.


You need to carry that mobile device with you wherever you need to log in to your site.


How to install WP Google Authenticator plugin:


Adding this security feature to your WordPress account is very simple. You can complete the installation by following this step-by-step process.


Go to the plugin section in the WordPress dashboard and click on the add new plugin button


Search for the WP Google Authenticator


Click on the install button on the page


You have now completed the plugin installation. Next, let us see how to set up the plugin.


How to Set Up the WP Google Authenticator?




  1. First, activate the plugin after the installation process.

  2. A few more options are now added to the WP dashboard to make it more secure.

  3. Go to the Settings menu and click on Authenticator.

  4. Activate Plugin: Check Active Plugin to activate the plugin. Having the plugin installed without checking this option does not work.

  5. Force Use: This is a useful option for a multi-user website. If you want specific users to enable and use two-step verification, enable this. All users will be asked to enable the feature.

  6. Site Name: This is the name of the new profile you would like to create in the Google Authenticator app. It is used to identify your site.

  7. Max Attempts: Once your WordPress site is secured with Google Authenticator, users can log in to the WordPress dashboard a certain number of times without using a one-time password. After that, if they still have not enabled this security feature, they won't be allowed to enter the WordPress dashboard.

  8. Authorized Clock: The last option in this section gives users extra time to type the one-time password. Generally the OTP is valid for 30 seconds; here you can give users some extra time.

Final setup to enable Two Factor Authentication on mobile.


You have now successfully set up WP Google Authenticator on your WordPress site. Next, each required user should activate it on their profile. Let us see how to activate and use two-factor authentication.


  1. Go to the Users menu and click on your profile.

  2. Scroll down to the WP Google Authenticator Settings

  3. Activate: Check the Activate option

  4. Download the Google Authenticator app from the mobile app store and follow the steps.

  5. Regenerate Key: Generate the secret key. You can manually set up an account by entering the profile name and secret key in the mobile app to enable Google Authenticator and get the OTP.

  6. Get QR Code: You can also add the profile to the mobile app automatically by clicking on Get QR Code and scanning the QR code with the mobile app.

You have completed the setup of Google Authenticator. From now on, enter the username and password along with the OTP generated by the Google Authenticator app on your mobile in order to enter the WordPress dashboard.
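How the secret key, the 30-second code and the Authorized Clock tolerance fit together, as an added Python example (not the WP Google Authenticator plugin's code): it derives RFC 6238 codes from a Base32 secret key and verifies them with a configurable drift window. The names `drift_steps` and `last_used_step` are illustrative, the replay check is an assumption about good practice rather than a documented plugin feature, and the secret is the public RFC 6238 test key.

```python
import base64
import hashlib
import hmac
import struct

STEP = 30  # seconds a code stays current, as stated in the article
DEMO_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"  # RFC 6238 test key, not a real secret


def totp(secret_b32: str, unix_time: int, digits: int = 6) -> str:
    """RFC 6238 TOTP with HMAC-SHA1, the scheme Google Authenticator uses."""
    cleaned = secret_b32.replace(" ", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)          # restore stripped Base32 padding
    key = base64.b32decode(cleaned)
    counter = struct.pack(">Q", unix_time // STEP)
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                        # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(secret_b32, code, now, drift_steps=1, last_used_step=-1):
    """Return the time step the code matched, or None if it is rejected.

    drift_steps models the extra time an "Authorized Clock"-style setting
    grants: codes from that many 30-second steps before or after `now`
    are still accepted.
    last_used_step rejects a code from a step that already logged someone
    in, so a captured code cannot be replayed inside the tolerance window.
    """
    current = now // STEP
    for step in range(current - drift_steps, current + drift_steps + 1):
        if step <= last_used_step:
            continue
        # Constant-time comparison avoids leaking how many digits matched.
        if hmac.compare_digest(totp(secret_b32, step * STEP), code):
            return step
    return None
```

Every extra step of tolerance keeps a code usable for another 30 seconds on each side, so the setting should stay as small as users' clock drift allows.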


I hope this article (how to enable two-factor authentication in WordPress) will be helpful for you.



