How to Add Two-Factor Authentication in WordPress

The login security is the key point for any WordPress site. After all, the login page is the last gate for accessing the back-end of your website. If it is easy to break, your website can in a vulnerable situation.

Now, you can find a lot of methods to enhance the login security of your WordPress site. Among these tips, the utilization of two-factor authentication is one of the most effective methods. This time, we’d like to tell you what it is and how to add two-factor authentication in WordPress.

Basic Knowledge about the Two-Factor Authentication

This method is also known as two-step authentication. Just like the name indicates, when entering the admin panel of your WordPress site, only entering the correct login name and password is not enough. In addition, you also need to finish another step – enter the addition random code received from your phone. In this case, even if your login credential is got by hackers, they still cannot access your admin due to the lack of your phone.

As researched, the brute force attack is one of the most popular hacking methods for WordPress sites. The two-factor authentication, however, can deal with this kind of attack effectively.

How to Add Two-Factor Authentication in WordPress

To add the two-factor authentication to your WordPress site, you can use the Google Authenticator plugin. As compared with many other related WordPress plugins, this one is totally free to use and allows multiple methods for authentication.

Finish the Registration

After the plugin installation, you firstly should finish the account registration with the plugin developer. For this, you can enter the settings page of this plugin. Here, you need to provide your email, name and password.


After clicking the Submit button, this plugin will send you the exclusive OTP to verify your email address. Now, you can enter the OTP and click the Validate OTP button. Next, this plugin will take you to the price screen. You just need to click the “OK. Get It” link for the two-factor authentication feature is free to use.

Set Up the Two-Factor Authentication

Now, you can click the Setup Two-Factor button to select and set up the two-factor method.

  • Email – The OPT link will be sent to your email address. You have to click the Accept link to enter the WordPress admin.
  • SMS – You can receive the OTP via the SMS on your smartphone.
  • Phone Call – You will receive a free phone call that tells you the OTP.
  • QR Code – You need to scan the QR code using the plugin app to login the WordPress admin.
  • Push Notification – You can receive a push notification from your phone to Accept the website login.
  • Google Authenticator – You need to enter the 6-digit code generated by the Google Authenticator before login.


Here, we just take the SMS option as an example. You simply need to click this method. And in the next screen, you should enter your phone number and click the Verify button. After that, you will receive the one time password from your phone. You just need to enter the code and click the Validate OTP button.


Now, each time you login your WordPress admin, you can receive a 6-digit password that is required for the successful login.

If you want to use other authentication methods, you just need to click the How to Setup link to learn the detailed steps.

Related Articles