No matter how many password standards you set for users, you often cannot change their Internet usage habits. Authorized users who surf the Internet without information security awareness may unintentionally expose their own personal information, and the confidential information of the company they work for, to people with malicious intentions.
By enabling 2FA / MFA in the WordPress admin panel, you will be one step ahead of malicious users. In this article, we will show you how to enable 2FA for WordPress user accounts.
Installing All-in-One Security (AIOS) for 2FA
Unfortunately, WordPress does not offer an integrated solution for 2FA. Instead, we will set it up with the help of a reliable plugin.
Step 1: Install the plugin
We will use the All-in-One Security (AIOS) plugin for this. Go to Plugins > New Plugins, search for the All-in-One Security (AIOS) plugin, and start the installation process.
Step 2: Go to the Two factor authentication tab
After installation and activation are complete, click the Settings link of the All-in-One Security plugin and go to the Two factor authentication tab.
Step 3: Choose the roles for 2FA
In this area, specify which user roles you want the 2FA feature to be active on and click the Save Changes button.
Step 4: Go to the Two Factor Auth menu
The next step will be to enable the two-factor authentication feature; go to WP Security > Two Factor Auth in the WordPress menu.
Step 5: Activate 2FA and install a TOTP app
Enable the Activate two factor authentication option in this area. Then install an Authy-style TOTP application or Google Authenticator on your phone and scan the QR code displayed on the screen.
Step 6: Mission complete!
If you have completed all the steps correctly, try logging out and logging in again. If you see an interface like the one below after typing your password, you have successfully set up 2FA for your WordPress website.