How to add a two-step verification security system to your WordPress.com blog
You can add an extra layer of security to your WordPress.com blog by easily adding an authentication step to your sign-on process.
“Two Step Authentication works like this: when you log in to your WordPress.com account, we’ll prompt you to enter a secret number. To get that secret number, you’ll need to download the Google Authenticator App on your smartphone. It generates a new number every 30 seconds, making it virtually impossible to guess. All you need to do is open the app on your phone, and type in the number it’s showing. If you don’t have a smartphone, you can instead opt to have the number SMSed to you.” (WordPress.com, “Greater Security with Two Step Authentication”)
After signing into your WordPress.com account, click over to the Security section within your Settings (you can find it by clicking on your account picture on the top, right-hand side).
Clicking on the Security option will take you straight to the two-step authentication set-up process; let’s walk through the steps below:
1) Enter Number
Pretty simple; just input your cell phone number. As it says above, WordPress needs your number so that if you can’t access your Authenticator app, you’ll be able to receive a text message with a verification code to access your account.
2) Download App
If you have a smartphone, download the Google Authenticator app. When you’re in the “download app” section, you can click on your respective brand of phone and get further instructions. Or just search for Google Authenticator in your app store.
3) Verify Code
Once you verify the code, you’ll also be given a list of ten backup codes that will let you access your WordPress account if you don’t have access your phone. Print these!
And now the two-step authentication for your blog is enabled! You’ll see it working for you whenever you log in; after inputting your account id and password, it will ask for your Google Authenticator’s extra-secure passcode — without it, you won’t access your WordPress account.
If you decide to remove this extra verification, you can always log into WordPress.com (with the two steps of passwords), and click over to your account image –> Settings –> Security and click “disable” (shown in the “Finished!” photo).
Just remember: without access to the app, your phone, or a backup code, you will lose access to your account!
As a blogger, website maintainer and more, with a B.A. in Journalism, I'd love to have the opportunity to set up a blog (like this one) for you! Click "hire me" for details!