How to Get Two Factor Authentication for Your WordPress Blog

The idea of getting hacked and having my blog’s data compromised or destroyed is pretty heart-wrenching. I’m sure you feel the same way — that sinking feeling is one that I want to avoid desperately.

With that in mind we all appreciate the value of good online security. Hopefully you subscribe to the fundamental “rules” of online security by creating complicated passwords and not using the same password across multiple accounts. Unfortunately, under such circumstances you are still potentially vulnerable to attack.

However, with two factor authentication you can take a massive step up in terms of protecting yourself. In this post I want to explain what two factor authentication is and explain how you can set it up for your WordPress blog in just a few minutes.

What is Two Factor Authentication?

Picture how you might typically login to an account online — you enter a user name and a password and you’re in. The problem with this system is that if anyone else knows (or can figure out) your user name and password they can essentially “be you” in terms of that account. That in a sense is a problem with operating in the online world — generally speaking you can’t put a face to a name.

That’s where two factor authentication comes in. One extra step is added to the login process that makes a world of difference in terms of security. First you have to enter your username and password, but you must then also enter a unique code that is sent to your cellphone as a natural response to your login attempt. This has a clear benefit: someone can only login to your account if they have your username and password and access to your cellphone.

How to get Two Factor Authentication for Your WordPress Blog

The benefits of two factor authentication should be crystal clear; if you’re security conscious then it is probably something you should consider carefully. But how easy is it to get two factor authentication setup on your WordPress blog?

The answer is “very easy” and also free by using the Authy Two Factor Authentication plugin. If you want to know how easy it is to get up and running with this plugin just check out this short video:

Authy is free to use up to 1,000 users and 500 login attempts. So on average you can login more than sixteen times per day and not pay a penny for the huge increase in security. And if your site does ever get so big that you have a number of users and multiple login attempts, Authy is equipped to handle the increase in volume with payment plans starting at $49 per month.

To be honest I was pretty blown away by Authy’s ease of use. Sure — it is a hassle to have that extra line of security between you and successful login, but ultimately your decision should be based upon the importance of security.

Two Factor Authentication with ManageWP

If you’re a regular ManageWP reader then you’ll know that we’re not ones to toot our own horns (well, not much anyway ;-)) but it would be remiss of me not to mention that our service (even the basic package) comes complete with the option of two factor authentication built-in. We recognise the importance of security so it seemed a no-brainer to us to include this option within the ManageWP package.

Two factor authentication is a fantastic option for any security-conscious blogger and I would advise that you consider it carefully even if you’re not that bothered about security. The unfortunate statistical truth is that if you are not particularly concerned about security you are far more likely to suffer a potentially fatal breach — far better to think ahead and be prepared then react to the worst happening.

Download Authy from WordPress.org here.