Here’s a quick guide to adding an extra layer of security to your WordPress blog by enabling the Google Authenticator app. WordPress has been targeted by anonymous hackers around the globe and it’s under a major Brute Force Attack.
Many authority sites like TechCrunch, Mashable, and HostGator have reported that the hackers are using almost 1 lack of IP addresses to break login limits that have been put by the blog admins. However, in order to keep your WordPress blog safe, you must really be cautious about its security. Here’s a simple yet effective How To guide to protect your WordPress Blog from being hacked by protecting it with 2 Step Verification powered by Google authenticator.
What is Brute-Force Attack and How does it Affect WordPress?
Brute Force attack is the most common term among hackers, especially black hat geeks. In this method, the hackers are trying to log in to the blog with randomly generated passwords. They usually prefer the Dictionary attack method to guess the password in common cases. But when it comes to advanced attacks, they depend on digital caps which generated non-dictionary words. However, if we don’t make our passwords strong by including special characters it will be easy for the hackers to do the rest.
In WordPress, the username is “admin” by default and most of us don’t change the username since there’s no option from the dashboard. But by doing the following steps, you can easily change your username.
- Create another user with administrative power and switch to that account. Then delete the old account. Remember to create a username other than “admin”, got it?
- Alternatively, you can install “Better WP Security” plugin to add an extra layer of security to your blog. It has amazing security options to protect your account within the dashboard itself. So it’s highly recommended to install this plugin prior to moving to our tutorial as it will enable the maximum possible protection for your blog.
Google Authenticator generates 2-step verification codes on your phone. Enable 2-step verification to protect your account from hijacking by adding another layer of security. With 2-step verification signing in will require a code generated by the Google Authenticator app in addition to your account password. -from the developers
Well, I have given the basic terminologies above and let’s move to the real topic, adding 2 step verification to your WordPress Blog.
- WordPress blog with admin power account
- A smartphone (Android, iPhone or BlackBerry), here I’m using Android and I recommend too.
- Google Authenticator WordPress plugin
- Google Authenticator App (Android version here)
How to Enable 2 Step Verification to your WordPress Blog with Google Authenticator
I think you might have heard the term “2 step verification” already in Google accounts. Yeah, it gives us extra protection to our accounts even though the hacker identified our password. The hacker may need to enter a security PIN in order to login successfully even after finding the password. Usually, the verification PIN is sent in mobile phones so as to to notify the real owner. Here also, if the hacker got our password by any kind of attack, he need to know the secret verification code to access the compromised blog. Pretty good isn’t it?
- Install Google Authenticator WordPress plugin in your blog and activate it.
- Then download Google Authenticator App and install it on your smartphone.
- Now head on to Users>Your Profile and locate the plugin option as shown below.
- Now open the app installed on your phone and create a new account. Now authenticate the app either with the secret code ( unique) or with the QR code.
- Finally, complete the setup and rock on. You’re done adding 2 step verification to your WordPress blog.
Hereafter, whenever one tries to log in to the blog, an extra box asking secret 6-digit code will be seen. That’s it.
As far as I used, it’s very effective when it’s used along with Better WP Security plugin. Do let me know if you have any doubts or problems regarding this tutorial. Your Comments are highly appreciated. Share it and shower the love. 😀