Tag / google authenticator

WP Google Authenticator has just been updated to version 1.0.4. This new version only brings one change few changes, but it’s a pretty big one.

Account Recovery

There was one feature missing to the plugin until now: a way for users to log in their site even if they can’t access the Google Authenticator app. If you just changed your phone for instance: you re-install the app, but you don’t have all your profiles anymore. You’re locked out of your site.

With the new recovery feature, when you activate 2FA for your account, a recovery code is automatically generated.

After you generated the recovery code, it will appear in your profile for 5 minutes. After that delay, you can always see your recovery code, but you will need to enter your WordPress account password before you can see it.

Now, if you have to use this code in a situation where you can’t use the Authenticator app, you will be logged in just as usual, but  2FA will be disabled for your account.

Next step is to go to your profile page and re-enable 2-factor authentication. […]

Continue reading →

2-factor authentication is a simple and efficient way to enforce security for your WordPress site. This will ensure you only can login to the WordPress dashboard with your credentials.

What is 2-factor authentication and why use it?

It is also referred to as 2-step verification. The standard way to log in your WordPress dashboard is to use a classic username / password couple. The problem with this is that security is low. A lot of people are debating about this system, arguing that it should not be used anymore.

There are two main possible ways for an attacker to get into your WordPress dashboard without too much difficulty:

  1. Your login / password were stolen,
  2. Your login / password are too weak and the attacker can brute force your login

2-factor authentication enforces security by requesting a one time password in addition to the username / password couple. This one time password is based on the current time, that’s what makes it unique. You will generally receive this password by e-mail, SMS or via a dedicated app.

In our case, we will use a dedicated app: Google Authenticator. […]

Continue reading →

Are you concerned about security? Then this plugin might be for you.

WP Google Authenticator is a WordPress plugins which will add an extra layer of security to your site. If you’ve previously been hacked or if you just wanna make sure this never happens to you, then 2-factor authentication is a great starting point.