Have you noticed that popular websites like Facebook and Google now give you the option to add two-factor authentication to improve security?
Well, you can also add two-factor authentication to your website WordPress. This will guarantee maximum security for the latter.
In this tutorial, we will show you how to add two-factor authentication to WordPress using the Twilio SMS service.
But first, if you've never installed WordPress, find out How to install a WordPress blog in 7 steps et How to search, install and activate a WordPress theme on your blog
Then let's go to why we are here.
Why add two-factor authentication for WordPress login?
One of the most common hacks used by hackers is called the brute force attack. Using automated scripts, hackers try to guess the username and password to break into a website WordPress.
Protect your work by reading How to protect your WordPress work on client websites
If they steal your password or guess it accurately, they can infect your website with malware.
One of the easiest ways to protect your WordPress website from a stolen password is to add two-factor authentication. This way, even if someone has stolen your password, they will have to enter a security code which is only sent to your cell phone.
There are several ways to configure dual factor authentication. This tutorial will focus on one of two:
So let's take a look together at how to easily add two-factor verification to your WordPress blog.
But before, if you have never installed WordPress discover How to install a WordPress blog in 7 steps et How to search, install and activate a WordPress theme on your blog.
Then, back to why we are here.
Adding dual factor authentication on WordPress
This method adds two-step SMS verification to your WordPress login screen. After entering the username and password, you will receive an SMS text message to your phone with a code.
But, you need to install the plugins first Two Factor et Two Factor SMS. For more details, see our step by step guide on how to install a WordPress plugin.
The first plugin called " Two Factor »Offers several ways to configure 2-step verification in WordPress. The second plugin, which is called " Two Factor SMS Is an extension for the first plugin. It adds SMS support for verification in 2 steps. You will need these two plugins installed and activated.
After activation, you must go to " users> Your profile page And scroll down to the "Two Factors Options" section.
Check the box next to the option " SMS (Twilio) And click on the checkbox to make it the primary verification method.
After that, scroll down to the Twilio section.
You will need to provide your Twilus account information.
Twilio is an online service that offers voice, voicemail and SMS services for use with your own applications. They also have a limited free plan that would be enough for our tutorial.
Visit Twilio website and create your free account.
In the registration page, you will be asked for usual personal information. Then you will be asked which products you want to use first.
You need to select SMS and then select the option of 2-factor authentication. Finally, select PHP for your programming language.
Once you have your account, you will access your Twilio dashboard where you have to click on the button " Start "(Get Started).
This brings you to a configuration wizard where you have to click on the button " Get your first Twilio Number ».
A popup will be displayed with a US-based phone number. Copy and save this number to a text file, then click on the button " Choose this number ».
You can now exit the wizard and access the " Settings> Geo Permissions ».
Here you have to select the countries where you will send SMS. Since you use the service to receive SMS yourself, you can select the country in which you live and the countries where you travel.
Then, you need to visit the Twilio console dashboard to copy your SID account (Account ID) and the Auth Token (Connection token).
Now you have all the information you need.
See also: How to add Gmail authentication on WordPress
Go to the user's profile page on your website and enter the Twilio account SID, authenticator phone number, and sender phone number.
Add your own phone number as "Phone number of the receiver».
Do not forget to click on the button « Update Profile "To save your settings.
You can now log out of your website to see the plugin in action.
On the login screen, you will first provide your WordPress username and password. Then you will receive an SMS notification on your phone, and you will need to enter the code you received.
Other recommended resources
We also invite you to consult the resources below to take more ownership and control of your website and blog.
- WordPress vs Blogger: which is better? (Advantages and disadvantages)
- How to schedule posting articles to your WordPress blog
- 5 WordPress plugins for video background
- How to fix mixed content error on WordPress
Conclusion
Here ! That's it for this tutorial, hopefully it will allow you to add two-factor authentication to your WordPress blog.
However, you will also be able to consult our resources, if you need more elements to carry out your projects of creation of Internet sites, by consulting our guide on the WordPress blog creation or the one on Divi: the best WordPress theme of all time.
If you have some Comments or suggestions, please let us know in the section reserved for them. If you liked this article, ndo not hesitate to share on your favorite social networks.
...
Thanks, but I don't have any plugin activated, except two factor and two factor sms…
So that must be another problem ??…
Try to disable everything.
Thank you for your reply.
What is the name of "the plugin in question" that I am supposed to remove?
thank you in advance
Please re-read my message. I invite you to disable all plugins and activate them one by one while testing.
Hello,
It does not work for me: I have the following message: An error occured while sending SMS.
and suddenly I can no longer access my account ...
how can I unlock it?
Hello,
access your files via an FTP tool, then delete the plugin in question. If he is the cause, then everything will be fine on your blog.