With Google Authenticator, you can combine classic username and password login to your WordPress site with an additional security code. This will increase the security of your website.
WordPress supports two-factor authentication via Google Authenticator using plug-ins such as Hendrik Schack's Google Authenticator.
In the first step, you activate two-factor authentication in the admin area and can then customize the two-factor authentication for each user individually.
This allows you to protect admins specifically and, for example, exclude authors from two-factor authentication.
Install Google Authenticator
Install the Google Authenticator App on your smartphone.
Install Google Authenticator WordPress plugin
In the WordPress admin area, select Plugins, then install and search for Google Authenticator.
- Install the Google Authenticator plugin from Hendrik Schack.
- Activate the plugin Google Authenticator by Hendrik Schack.
You can now customize two-factor authentication for your users.
Setting Up Two-Factor Authentication for WordPress Users
- Open the User area
- Select the user for whom you want to enable two-factor authentication.
- Under Google Authenticator Settings, enable the Enable Google Authenticator option.
- Click on Show/Hide QR Code
You should now see an automatically generated QR code.
Open the Google Authenticator app on your smartphone and scan the QR code.
Alternatively, you can create the account manually. Use the description and secret key that WordPress displays for this user.
In the Google Authenticator App, you'll now find a new listing for your website. The security code is updated every 30 seconds.
Click on Update profile.
Two-factor authentication is now set up for this user. Use a new security code for each login in the future.
write down a secret key
If you do not have access to your authenticator, you can use the secret key to link a new authenticator.
Put the secret key in a safe place. Old-fashioned but safe: Write it on a piece of paper of your choice.
That's all there is to it! Congratulations, your WordPress website has become a lot safer!