What Is Two Phase Authentication?

Ongoing WordPress Support

Do You Need Help With Your WordPress Site?

Click through to the next page and learn more about our ongoing WordPress care plans.

Date

What is two phase authentication?  I'll tell you, it's an additional control you can add to you WordPress site to…

What is two phase authentication?  I’ll tell you, it’s an additional control you can add to you WordPress site to increase security.

Phase One

The first phase of authentication is your standard WordPress login user ID and password.

Phase Two

You are asked to enter a code which is sent to a device, usually your mobile phone.

Types Of Phase Two Authentication

There are a number of ways the code for phase two here are some examples:

  • An app that give you a code
  • You are sent a text message with a code

Phase Two Has An Expiration Date

The code sent your device has an expiration date, usually just a few minutes.  This means you have to act quickly and login with your code.

If you try to use an expired code, you will not be able to authenticate correctly.

Always With You Device

The beauty of this process is that the code is sent to a very personal, always with your device, your mobile phone.

A hacker could crack your user ID and password but they would have to go to another extreme level and find you and then steal your device to complete the process.

I like to think of security as a series of layers of control, the more layers the more annoyance you give to the hacker.

My Preferred Tools For Two Phase Authentication

My preferred tool is from Google and it’s called Google Authenticator, it is an app you install on your phone and a plugin you install on your site.  Here are the links.

https://en-gb.wordpress.org/plugins/wp-google-authenticator/

Android App

Apple App

VIDEO – Two Phase Authentication In Action

Here is a video walk though of me creating a user with 2 Phase authentication.

 

Wrap Up – What Is Two Phase Authentication?

It’s an additional level of authentication.

Just because you have 2 phase authentication activated, does not mean you are 100% safe, if the hacker has ftp access they can deactivate the plugins or create a new user which is not authenticating.

As I said previously I think of security as a multiple layer cake, the more layers, the tighter the security.

Do you need help hardening the security of your WordPress site, why not get a quote.

Photo Credit: drpeterrath Flickr via Compfight cc

1 thought on “What Is Two Phase Authentication?”

  1. Webshop Mechanic

    Thanks Neil, that’s a useful post. I want to make my WordPress admin safe from unscrupulous barstewerds and this will certainly help. I’ll give it a go tonight.

    Keep up the good work.

    Cheers

Comments are closed.

Ongoing WordPress Support

Do You Need Help With Your WordPress Site?

Click through to the next page and learn more about our ongoing WordPress care plans.

More
articles