How Secure is your WordPress Blog from unauthorised access? Secure WordPress Login process is an important step in securing your WordPress Blog.
Two factor authentications is a powerful mechanism to protect your online account. Google introduced Two-Factor Authentication long back and many online services are following the path. Two-Factor Authentication makes sure to a great extent that your accounts don’t get hacked. Google has introduced 2-step verification process for Google Apps initially. Now many prominent services such as DropBox, Facebook, Yahoo Mail, DreamHost etc started offering Two-Factor Authentication security.
If you have enabled two factor authentications, after you enter your username and password and if they are accurate, you’ll get a secret code sent to your phone, and only after you enter it will you get into your account.
But in extreme cases SMS password methods are also vulnerable to man-in-the-middle attacks such as mobile number porting attacks. In mobile number porting attacks an attacker tricks a mobile provider into transferring a victim’s mobile number to a new account which is under the attacker’s control. Any Text SMS messages to the victim’s mobile number will instead be directed to the attacker.
Related WordPress Security Articles:
- Must Do Tips to Secure WordPress Blog and Site
- Secure WordPress Blog- How to Change WordPress Admin Username?
- Top 5 WordPress File Change Monitor Plugins
- 60+ Most Useful WordPress Tips, Tricks, Tutorial
Secure WordPress Blog Using Two-Factor Authentication
If you maintain a self hosted WordPress Blog you can also secure your blog from unauthorised admin access using 2 factor authentications. (WordPress.com already supports Text Messaging feature but currently available in the USA only).
The Google Authenticator plugin for WordPress gives you two-factor authentication using the Google Authenticator app for Android, iOS, and BlackBerry.Using this plugin the two-factor authentication can be enabled per user basis. It is always better to use this for administrator account. You may not require this to be enabled for account such as contributor etc.
After activating the plugin you need to scan the generated QR code with your phone or enter the secret manually and press the update profile button. Next time when you try to login to the WordPress admin console, you need to provide the verification code received on your mobile phone to complete the login process.
Join Globinch on Social Media
- Turn your Windows 7 Computer Into a Personal Wi-Fi Hotspot 20 comment(s) | 26,795 view(s)
- Search Engines for File Sharing Sites : Rapidshare Search, Megaupload and More 2 comment(s) | 18,490 view(s)
- Google Translate Now supports Bengali, Gujarati, Kannada, Tamil and Telugu 2 comment(s) | 17,373 view(s)
- Best PDF OCR Tools to Convert Scanned images to Text / Word Documents 4 comment(s) | 13,751 view(s)
- Google Top Searches Today – Hot Google Search Words today 8 comment(s) | 13,529 view(s)
- Globinch Search 0 comment(s) | 10,428 view(s)
- Access Blocked sites, Unblock Restricted Websites 16 comment(s) | 9,473 view(s)
- Password Revealer – How To Reveal- Show Password Behind Asterisks? 1 comment(s) | 8,523 view(s)
- Play Angry Birds Game Free and Offline in Chrome Browser 1 comment(s) | 8,254 view(s)
- Free Online OCR Software to Convert Images Into Searchable PDF, Doc, HTML or Text 2 comment(s) | 8,092 view(s)
- Samsung Galaxy Core Features, Specs, Price
- How to Use Wi-Fi the Secure Way
- 5 Apps to Boost Android Performance
- Building a Smarter Site Using a WordPress Platform
- Samsung Galaxy S IV Smartphone :Summary of All the Radical Innovations
- 5 Killer Tips to Increase Traffic to Your Blog
- Domain Parking to Make Genuine Money Online
- SEO Is Not Dead, But You Need to Upgrade The Process
- A Complete SEO Guide on Using Social Media for Better SERPs
- When Should You Use Geotargeting or Setting Geographic Target in Google Webmaster Tools?