WordPress 2FA: Two-Factor Authentication Option
Do you want to make your website harder to hack? If so, the Two-Factor Authentication Option (2FA) will help you with it.
Enforce WordPress admin dashboard protection using CleanTalk native 2FA
Keep safe your WordPress site admin account with Google Authenticator
CleanTalk 2FA
Your website administrator email address will be used for that. First, check it here:
- WordPress Admin Page —> Users —> Your Administrator Name —> Edit —> Contact Info —> Email
Make sure that everything is correct and activate the option here:
• WordPress Admin Page —> Settings —> Security by CleanTalk —> General Settings —> category "Authentication and Logging in" —> set the option "Two-factor authentication for chosen roles" to "On" or "Only for new devices".
On means that the option will work every time you log into your admin account.
Only for new devices means that the option will work in those cases when you log into your admin account from a new device (other desktops, laptops, mobile phones, tablets, etc.).
A modal window will appear to check if you can receive emails from your website.
Check your inbox to get the code. It will look like this:
Then select the roles you want to be protected. Press and hold CTRL button to do that:
Next time you log into your website as administrator, you will see the CleanTalk Authorization Window.
When you see such a window, that means your authorization code has been sent to your e-mail and you have 10 minutes to input it.
Important! Your website mail server will send your letters with codes, not the CleanTalk servers! Speed of letters depends on it.
If you want to disable the Two-Factor Authentication Option (2FA), go to your CleanTalk Control Panel and do the following:
1. Switch to your Security Dashboard: Menu "Services" —> choose "Site Security".
Direct link: https://cleantalk.org/my?cp_mode=security
2. Find your website and click the link "Settings" under its name.
3. Check the "Turn two factor authentication (2FA) off" option and click the button "Update".
Next, wait a few minutes until the CleanTalk servers tell the CleanTalk plugin to disable the option.
Try to log into your website again.
Google Authentication for WordPress dashboard
After you enabled CleanTalk 2FA you can switch it to Google Authentication. There are two ways of using the Google 2FA App:
1. Go to your WordPress Dashboard —> Profile Options
2. Scroll down to the CleanTalk Security 2FA and press Enable Google Authenticator:
3. You should see the QR code and the manual activation code.
4. Install and run Google Authenticator for Android or iOS.
5. Press the "Begin" button:
6. Select "Scan a barcode". If you can't use your camera on your device then click the line "Enter a provided key".
7. Focus the camera on the QR code that you see in step 3 of this guide. You should see the next screen on your mobile device with a new Authenticator record:
7A. Enter your account name and the manual activation code you have taken on step 3 of this guide to the respective fields. Set the type to "Time Based".
You should see the next screen on your mobile device with the new GA record.
8. Go back to step 3 and enter the code from Google Authenticator and press Ok:
9. Google 2FA is activated for your WordPress account.
1. Go to your WordPress Dashboard —> Profile Options
2. Scroll down to the CleanTalk Security 2FA and press Enable Google Authenticator:
3. You should see the QR-code and manual activation code.
4. Install the Google Authenticator extension for Google Chrome.
5. Press the extension button:
Perform the actions below, add your account name and the manual activation code from 3rd step to the "Secret" field :
6. Check if the GA record is successfully added:
7. Turn back to the 3rd step and enter the code from Google Authenticator and press Ok:
8. Google 2FA is activated for your WordPress account.
Google Authentication for WordPress Usage
There are two ways to log in with Google 2FA:
1. Proceed to your WordPress Dashboard login form and enter your WordPress credentials (not Google Authenticator code!)
2. The site will ask you for a Google Authenticator code.
You can find it in your Google Authenticator app.
3. Enter the code you see and press "Log In". Please, note, a GA code lifetime is restricted. If you see the check error message, please try to enter a new GA code.
4. If the previous step performed successfully, you will be redirected to your WordPress Dashboard.
1. Proceed to your WordPress Dashboard login form and enter your WordPress credentials (not Google Authenticator code!)
2. The site will ask you for a Google Authenticator code.
You can find it in your Google Authenticator extension for Google Chrome.
3. Enter the code you see and press "Log In". Please, note, a GA code lifetime is restricted. If you see the check error message, please try to enter a new GA code.
4. If the previous step performed successfully, you will be redirected to your WordPress Dashboard.
How to Disable Google Authentication for WordPress
To disable 2FA perform the next steps:
1. Enter your WordPress Dashboard —> Profile Options
2. Scroll down to the CleanTalk Security 2FA and press Disable Google Authenticator:
3. Press Update Profile
4. Google 2FA is disabled
It would also be interesting
- CleanTalk WordPress and Universal Security Plugins for websites | Description of all Security FeaturesFeatures of the CleanTalk WordPress Security and Uniforce Security Plugins Brute-force Protection Security...
- 2FA: Two-Factor Authentication for Your CleanTalk Dashboard2FA: Setting Up Two-Factor Authentication for CleanTalk Dashboard You can secure your CleanTalk...