The latest version of iThemes Security Pro (2.7.0) includes some improvements to help make setting up two-factor authentication for your WordPress site even easier. Two-factor authentication is one of the best ways to secure your site, so we want to make it quick and simple to set up.
Two-factor authentication is one of the most essential, critical things you can do to secure your WordPress site.
Two-Factor Authentication adds an extra layer of security to protect against:
- Weak passwords. Many people still use very weak passwords that can be easily gamed. (iThemes Security Pro also lets you enforce strong passwords for all your WordPress users to up your WordPress password security.)
- Reusing passwords. Many people still reuse passwords across a variety of sites. If another site where you reuse your password is hacked, often the hackers publish those passwords for others to use.
- Old passwords. Another weakness in passwords is most people don’t change their passwords at all. With two-factor, your secondary password changes every 30 seconds.
- Brute force attacks. With computing power where it is now, with enough time, someone could conceivably break even long and random passwords. By requiring an extra login step (in this case, your phone), the success of brute force attacks is greatly reduced.
- Using unsecured WiFi networks. That coffee shop WiFi that you are on isn’t quite as secure as you thought and someone could be listening in and collecting your passwords.
Learn how you can encourage all users to enable Two-Factor on your WordPress sites here with iThemes Security Pro and check out our Two-Factor chat here with iThemes Security co-developer Aaron Campbell.
Set Up WordPress Two-Factor Authentication with iThemes Security Pro
Once you update to iThemes Security Pro 2.7.0, and if you don’t already have two-factor enabled, you’ll see a notice in the WordPress dashboard to configure your two-factor settings. This notice will also appear for all users once you have two-factor enabled on the site.
By clicking on the “Activate Two-Factor Authentication” button, you’ll be taken to a new screen to help guide you through the Two-Factor setup process. We include some recommendations for the various two-factor apps you can install on your mobile device including Google Authenticator, Authy, FreeOTP Authenticator and Toopher.
To finish setting up two-factor authentication, you can check out more detailed instructions and an introduction to two-factor authentication here.
Here’s an abbreviated version of the setup process:
1. Download a two-factor app
2. Open the app and scan the QR code with your mobile device
3. Enter the code provided by your two-factor app
4. All done! Click the “Enable and Make Primary Two-Factor Authentication Method” button to complete setup.
Using Email as Your Two-Factor Authentication Method
In addition to using a two-factor app on your mobile device, iThemes Security Pro also offers the option to use email as your two-factor authentication method. When you enable Email, your login authentication code will be delivered via email.
You can activate the email two-factor option by visiting your Profile page.
The next time you log in, you’ll be prompted to use a code sent to your email.
Update to iThemes Security Pro 2.7.0 Now
Get Two-Factor Authentication & More with the
iThemes Security Pro Plugin
Add an extra layer of protection to your WordPress site with iThemes Security Pro. Along with two-factor authentication, get scheduled malware scanning, Google reCAPTCHA integration, and much more. Check out all the reasons to go Pro here.
Kristen has been writing tutorials to help WordPress users since 2011. You can usually find her working on new articles for the iThemes blog or developing resources for #WPprosper. Outside of work, Kristen enjoys journaling (she’s written two books!), hiking and camping, cooking, and daily adventures with her family, hoping to live a more present life.