Originally published at: http://www.sitepoint.com/2-step-verification-wordpress-using-google-authenticator/
Online security is a big issue. Thousands of websites, brands, and online accounts are attacked by hackers every day. With the use of WordPress being so widespread, it’s not immune to these attacks. Thousands of WordPress powered websites have been targeted successfully in the past.
The infamous default ‘admin’ username and a weak password are both big issues, since they’re easier to brute force. It’s highly recommended that you never use ‘admin’ as your primary username, and always use a strong password, rather than a common, easy to remember password.
Google’s 2-Step Verification
Normally, you need a username and password to log in to your WordPress dashboard. If you use a strong password, that’s a step in the right direction, but did you know that you can make your WordPress login even more secure with Google’s 2-Step Verification (also known as two-factor authentication)?
There are numerous two-factor authentication plugins. In this article, I’m only focusing on Google Authenticator, which is already widely supported by many providers for two-factor authentication.
With Google’s 2-Step Verification enabled, you’ll be prompted to enter a six-digit number after you provide your username and password. If you don’t provide this six-digit number, you won’t be able to log in, even if you have the correct username and password.
Google’s 2-Step Verification can make your WordPress website more secure and more hardened against brute force attacks; even if your username password becomes compromised, logging in to your website will not be possible without the six-digit code.
Continue reading this article on SitePoint