What is two-factor authentication? Two-factor authentication is a process of verifying a person’s identity by requiring two methods of verification, chosen from something you know, something you have, or something you are.
To better understand this, let’s start out by defining the word authentication. Authentication is the process of verifying the truth, or authenticity, of a piece of data. With regard to information security, authentication is usually related to verifying a person’s identity.
On the web, the traditional model of authentication is logging in with a username and password. Two-factor authentication, on the other hand, requires an additional method of verifying a person’s identity. This adds an additional layer of security to your account or your website.
Examples of Two-Factor Authentication
A classic example of using two-factor authentication involves using your debit card along with a PIN number in order to make purchases or withdraw money from an ATM.
- Your first method of verification is possessing the physical debit card
- Your PIN number is your additional method, or your second factor, of identification
That way, even if someone were to steal your debit card, they’d also have to steal your PIN number in order to access your bank account.
Another example might involve gaining access to a top-secret laboratory. In order to enter, you first need to enter a valid passcode. And, even if the passcode is valid, you’d still need to scan your fingerprint in order to verify your identity a second time before you’re allowed to enter.
- In this situation, the first method of verification is using the correct passcode
- The second factor is having a matching or valid fingerprint
Components of Two-Factor Authentication
True multi-factor authentication confirms your identity by requiring verification from at least two of the following categories:
- Something you have (like a debit card)
- Something you are (like a fingerprint)
- Something you know (like a password or PIN number)
Using multi-factor authentication makes it more difficult for someone to steal your identity because they have to compromise your identity in multiple ways, and each method requires a different type of theft.
Two-Factor Authentication for WordPress Websites
On the web, a common method of two-factor authentication starts with your password. After entering a correct password, you must then use an app on your phone in order to generate a code. Then, in order to complete your login, you need to take that code and enter it on the website.
Using this method of two-factor authentication:
- your password is something you know
- your phone is something you have, used to access the code
Using two-factor authentication is a great way to enhance the security of your WordPress website.
If you’re interested in setting up two-factor authentication on your WordPress website, you can use a WordPress two-factor authentication plugin like iThemes Security Pro in order to easily set up WordPress two-factor authentication in just a few steps.
Kristen has been writing tutorials to help WordPress users since 2011. You can usually find her working on new articles for the iThemes blog or developing resources for #WPprosper. Outside of work, Kristen enjoys journaling (she’s written two books!), hiking and camping, cooking, and daily adventures with her family, hoping to live a more present life.