Two-factor authentication is an approach to authentication which requires the presentation of two or more of the three authentication factors and this is gaining popularity these days because lots of accounts getting compromised. Two-factor authentication seeks to decrease the probability that the requestor is presenting false evidence of its identity. Many online services like Google’s Gmail, Yahoo mail, Hotmail etc have two factor authentication available and user can always enabled them if they want.
WordPress being the most popular platform for blogging, there are many blog which get compromised due to lack of proper security measures. One of the best ways to prevent such attacks is by enabling two step authentication on your blog. By default WordPress does not offer any such service, but there are quite a lot of plugins/services which offer this. If you are looking to enable two step authentication on WordPress, here are some of the best available options.
1. Google Authenticator:
The Google Authenticator plugin for WordPress gives you two-factor authentication using the Google Authenticator app for Android/iPhone/Blackberry. If you are security aware, you may already have the Google Authenticator app installed on your smartphone for logging into other services like Gmail. The two-factor authentication requirement can be enabled on a per-user basis. You could enable it for your administrator account, but log in as usual with less privileged accounts.
Panicpress plugin will automatically send you a text message whenever anyone attempts to access your administration section, allowing you to approve or reject them before they ever see your dashboard. And if you ever worry that your blog has been or is being hacked, you can simply text “panic” to a special phone number and your whole blog administration section shuts down, leaving your actual blog untouched. You need to have an account with PanicPress to use it.
You get an SMS on phone and you can reply with the appropriate code to secure your WordPress.
Authy is a new service which helps you protect your WordPress site from hackers using simple Two-Factor Authentication. You can create a free account with Authy and it will allow 1,000 Users and 500 Authentications per month. If your blog or website has more users, there are paid versions of the plugin as well.
4. Duo Security:
Duo Security provides two-factor authentication as a service to protect against account takeover and data theft. Using the Duo plugin you can easily add Duo two-factor authentication to your WordPress website. Duo Security set up is simple, just install the plugin and create an account and assign the roles which needs the two factor authentication.
Duo’s WordPress plugin adds strong two-factor authentication to any WordPress login. You users will log in as usual with their primary credentials (their WordPress username and password). Then they’ll be challenged to complete secondary authentication via Duo Push, phone callback, or one-time passcodes generated via the Duo Mobile app or delivered via SMS.
So have you enabled two factor authentication on your WordPress blog?