Login Security is the most crucial part of your website, let’s dig deeper!
If you are serious about the security of your WordPress website, then you should not ignore the login page attacks of your WordPress website.
Still Confused?
Let’s make it easy and have a look on a report by WordFence Security Plugin:
Image Source : WordFence Blog
So, You might have got an overview of what the attackers do with a compromised website.
Thus, enhancing the security of your website is a best choice.
Enhancing Login Security
For this we would use the FREE WORDFENCE PLUGIN available on WordPress repository.
Using 2FA for Login Security:
First, choose an authenticator app to use, if you do not already have one installed on a cell phone or tablet. There are many available for iOS, Android, and other platforms, including:
- Google Authenticator
- LastPass Authenticator
- Microsoft Authenticator (Recommended)
- Many Other
Enabling two-factor authentication:
- Go to the Login Security page in your site’s wp-admin area
- For admins, this is on the Wordfence menu
- For other users, this is a separate menu with a Wordfence logo
- Open your authenticator app and add a new entry; most apps have a plus sign or a tiny QR code
- Scan the QR code on the login security page; your authenticator app should then display a six digit code
- If you are accessing a site on a phone or tablet and obviously can’t point the camera at its own screen, you can copy the line of letters and numbers below the QR code, and paste that in an app, using the app’s “manual” setup option
- In the “Download recovery codes” section, click the Download button
- Recovery codes can be used if you lose your device
- Print or save the file, and store it in a safe place
- Enter the six digit code that appears in your authenticator app
- This code changes every 30 seconds
- If the code expires, you can enter the next code instead
- Click the Activate button
If this is your first time setting up 2FA on a site you may want to try logging in to the site in a different browser or in a private or incognito browser window to check for any compatibility issues before logging out.
Doing this will considerably improve the login security of your website.