Brisbane Web Agency
07 3856 3303

Our quick guide to two-factor authentication for WordPress admin users

Two-factor authentication (2FA) is a security technique that implements two different authentication factors during the login process. This adds an extra layer of security, making it harder for attackers to access your website. 

Google authenticator

Step 1. Download a free authenticator app onto your smartphone

Two-factor authentication uses an authenticator application. First, choose an authenticator application to use, if you do not already have one installed on a cell phone or tablet. There are many available for iOS, Android, and other platforms, including Google Authenticator, a free app.

Step 2. Enable the login authenticator for your website

  1. Go to your WordPress admin page.
  2. Open your authenticator application and add a new entry. Most apps have a plus sign symbol or a tiny QR code symbol.
  3. Scan the QR code on the “Login Security” page.
  4. If you are accessing a site on a phone or tablet you can copy the line of letters and numbers below the QR code, and paste that in an application, using the application’s “manual” setup option.
  5. Click the “Activate” button.

Optional features for regular Admin users:

  1. 30-day device memory: If  enabled, users with 2FA enabled may choose to be prompted for a code only once every 30 days per device.
  2. Allowlisted IP addresses that bypass 2FA.

If you need help, contact the team at ZOIK for assistance in setting up 2FA.