how to tech news wordpress

[How To] Add 2 Step Verification to WordPress Blogs with Google Authenticator

Here’s quick guide to add extra layer of security to your WordPress blog by enabling Google Authenticator app. WordPress has been targeted by anonymous hackers around the globe and it’s under major Brute Force Attack. Many authority sites like TechCrunch, Mashable, HostGator have reported that the hackers are using almost 1 lack IP addresses to break login limits that has been put by the blog admins. However, in order to keep your WordPress blog safe, you must really be cautious about its security. Here’s a simple yet most effective How To guide to protect your WordPress Blog from being hacked by protecting it with 2 Step Verification powered by Google authenticator.

What is Brute-Force Attack and How does it Affect WordPress?

Brute Force attack is the most common term among hackers, especially in black hat geeks. In this method, the hackers are trying to login to the blog with randomly generated passwords. They usually prefer Dictionary attack method to guess the password in common cases. But when it comes to advanced attacks, they depend on digital caps which generated non-dictionary words. However, if we don’t make our passwords strong by including special characters it will be easy for the hackers to do the rest.

In WordPress, the username is “admin” by default and most of us don’t change the username since there’s no option from the dashboard. But by doing the following steps, you can easily change your username.

  • Create another user with administrative power and switch to that account. Then delete the old account. Remember to create a username other than “admin”, got it?
  • Alternatively, you can install “Better WP Security” plugin to add extra layer of security to your blog. It has amazing security options to protect your account within the dashboard itself. So it’s highly recommended to install this plugin prior moving to our tutorial as it will enable maximum possible protection to your blog.

Google Authenticator generates 2-step verification codes on your phone. Enable 2-step verification to protect your account from hijacking by adding another layer of security. With 2-step verification signing in will require a code generated by the Google Authenticator app in addition to your account password. -from the developers

Well, I have given the basic terminologies above and let’s move to the real topic, adding 2 step verification to your WordPress Blog.

Pre-Requisites

  1. WordPress blog with admin power account
  2. A smartphone (Android, iPhone or BlackBerry), here I’m using Android and I recommend too.
  3. Google Authenticator WordPress plugin
  4. Google Authenticator App (Android version here)

How to Enable 2 Step Verification to your WordPress Blog with Google Authenticator

I think you might have heard the term “2 step verification” already in Google accounts. Yeah, it gives us extra protection to our accounts even though the hacker identified our password. The hacker may need to enter a security PIN in order to  login successfully even after finding the password. Usually, the verification PIN is sent in mobile phones so as to to notify the real owner. Here also, if the hacker got our password by any kind of attack, he need to know the secret verification code to access the compromised blog. Pretty good isn’t it?

2 step verification to WordPress Blog
2 step verification to WordPress Blog
  • Now open the app installed in your phone and create a new account. Now authenticate the app either with the secret code ( unique) or with the QR code.
    Add Google Authenticator Two Step Verification To Your WordPress Blog
    Add Google Authenticator Two Step Verification To Your WordPress Blog
  • Finally, complete the setup and rock on . You’re done adding 2 step verification to your WordPress blog.

 

Hereafter, whenever one tries to login to the blog, an extra box asking secret 6 digit code will be seen. That’s it.

Google authenticator enabled login screen
Google authenticator enabled login screen

As far as I used, it’s very effective when it’s used along with Better WP Security plugin. Do let me know if you have any doubts or problems regarding this tutorial. Your Comments are highly appreciated. Share it and shower the love. 😀

 

About the author

Sidharth Pk

Sidharth. Works at Cyanogen. Android dev. Audiophile. Rider.. Find us on Google+
Find Me on Facebook Follow Me on Twitter

16 Comments

Click here to post a comment

Categories