Hey everybody I want to let you know that I have undertaken the grueling task of getting the heck away from WordPress. I was so sick of the problems and updates I had to do all the time. I am now using my ezbloo system and I am integrating all my old posts into the new system. It sucks, but in the end, I will save bundles of time. I needed to keep things simple and that is why I created ezbloo. I'll have more on this later for you guys after I am done with the total integration of my old posts here. So if you are looking for a post and need it faster, shoot me an email and I will make it a priority. [email protected]

TFA Two Factor Authorization for WordPress Edit
Last Update:2024-10-17 10:51:44
The Change:2024-10-16 10:33:26

(TFA) or "Two Factor Authorization for WordPress" is a security plugin that makes your WordPress safer. There are several different 2 step options in this plugin and they are very easy to set up. You can also access the Two Factor GitHub page here. 


Two Factor Run Down

Two Factor Authorization creates another step for users that try to log into your WordPress. Why does this make your WordPress safer? Because someone needs more than just your username and password to hack their way into your website. This does create another step for you the website master but only one time per device. When preforming any of the following options you will have to log out and try to log back in before you can see it. In order to get to the settings you must click on "Users" in your dashboard. You will then be able to see the options that we will discuss below.

Two Factor Options

There are 5 different Two Factor options. Lets talk about them.

TFA Email Option

If you enable this option you will be emailed a code that you use during the login process. You will have to wait for your email to come.

Pros

This is very easy to do. Just click the settings and you are ready to go.

Cons

  1. You better hope that your server is not out of SMPT relays. If it is you will never get the email with the code.
  2. It may take several minutes before you get the code using this method.
  3. It is not secure because someone can intercept an email if it is not secure.

Time Based One-Time Password (Google Authenticator)

You need to download Google Authenticator in order to use this.

Pros

Its very secure.

Cons

  1. You have to download an app on your phone or tablet.
  2. Is a little bit harder to set up.

FIDO Universal 2nd Factor (U2F)

Do not try this unless you have a HTTPS or SSL on your website. You have to register a new key to begin this process.

Pros

It is very secure.

Cons

You need a SSL or HTTPS to set it up.

Backup Verification Codes (Single Use)

This is my favorite. You click a button to generate verification codes then download them. Save them to a safe place & use them in consecutive order.

Pros

Very easy & secure.

Cons

  1. Do not lose the codes or you will be blocked out.
  2. You have to use the codes in consecutive order.
  3. You cannot use the same code twice.

Dummy Method

This is by far the easiest option but they call it dummy option for a reason.

Pros

Very easy to implement.

Cons

It does not make your wordpress any safer.