Avoid Getting Hacked on WordPress, Enable 2 Step Authentication Now

Verification text Box for Codes 2 step Authentication WordPRessMicrosoft recently added 2 step authentication to its services and added an Authentication App onto the Windows Store. We blogged about it here. Now WordPress has it. And it got added just a week ago.

Reposted from the Official WordPress Blog – We know your blog is important to you, and today we’re proud to announce Two Step Authentication: an optional new feature to help you keep your WordPress.com account secure. For those of you who use Two Step Authentication with your Google account, you’ll know how useful this feature is for keeping your account secure.

Two Step Authentication works like this: when you log in to your WordPress.com account, we’ll prompt you to enter a secret number. To get that secret number, you’ll need to download the Google Authenticator App on your smartphone. It generates a new number every 30 seconds, making it virtually impossible to guess. All you need to do is open the app on your phone, and type in the number it’s showing. If you don’t have a smartphone, you can instead opt to have the number SMSed to you.

To enable Two Step Authentication, head on over to the new Security tab in your WordPress.com account settings, and go through the setup wizard. The wizard will help you make sure that everything is configured correctly:

WordPress Settings for 2 step Authentication

Once you enable Two Step Authentication on your account, there are a couple of extra steps we recommend you take:

Print backup codes

Print out some backup codes to keep in a safe place — your wallet, a filing cabinet or your document safe in case your phone is lost or stolen. You can print backup codes right from your WordPress.com Security tab:

Backup Codes WordPress 2 step Authentication

Generate application-specific passwords

Some apps that connect to your WordPress.com account (such as the WordPress mobile apps) don’t yet fully support Two Step Authentication. For these apps, you can generate unique passwords to use with each one (for example, you can have a different password on your phone and your tablet). If your device ever goes missing, you can disable its password with a single click, locking it out of your account.

If you need any extra help setting up Two Step Authentication, detailed instructions are available in the Support Documentation.

%d bloggers like this: