WordPress Security Plugins 2015: Google Authenticator Two Step Authentication

Plugin by:
Henrik Schack
Version:
0.47
Price:
Free

Reviewed by:
Rating:
5
On March 4, 2015
Last modified:March 9, 2015

Summary:

Google Authenticator is a great WordPress plugin for increased security and protection of your WordPress site and blog.

WordPress is secure but you can always do more to protect your site. Increase security for the WordPress login page with the Google Authenticator WordPress plugin. This is the 2-step authentication solution you were waiting for.
WordPress login works with a username and password. A hard to guess password is always a good idea but sometimes it’s not enough. Adding 2-step verification to any WordPress blog and site makes it harder to hack.

WordPress Security With 2-step Authentication And Your Smartphone

Two step authentication is also knows as 2 step verification. It’s used by Google, Apple, Dropbox and many more billion dollar companies. Including banks.

The Google Authenticator WordPress plugin offers extra security with little hassle. It adds another layer of protection in case someone steals your password. Every login in to WordPress now requires an extra “password” along with the password.

Even if your password is stolen or compromised you are safe. The hacker will need access to your smartphone to login to WordPress admin.

Google Authentication And Google Authenticator Secure Your WordPress

The Google Authenticator WordPress security plugin uses the Google Authentication app to generate extra passwords. The app is available for free for iOS and Android. It works by providing random numbers that expire after a while. These numbers act as an extra password protecting your WordPress login from malicious users.

Two-factor authentication can be enabled on a per-user basis. You could enable it for your WordPress admin account. It also works for less privileged accounts, such as editors and authors.

According to the plugin author: “If You need to maintain your blog using an Android/iPhone app, or any other software using the XMLRPC interface, you can enable the App password feature in this plugin, but please note that enabling the App password feature will make your blog less secure”.

SEE: Opal, Semantic WordPress Theme

If an unauthorized person wants to access your WordPress admin will have to:

  • Steal your password
  • Steal your smartphone
  • Unlock your smartphone
  • Open Google Authentication app

It’s not impossible but it’s highly unlikely something like that will happen without noticing. Missing your smartphone equals panic attack. That’s why the concept of Google Authenticator plugin is so powerful.

iPhone Touch ID For Faster WordPress Secure Logins

iPhone users will find the experience smoother compared to Android users. The reason is Touch ID. Unlocking the iPhone and opening Google Authentication app takes less than 2 seconds.

Two step authentication is not a panacea to WordPress security. It’s another way of increasing the security of your site and blog. Google, Apple, Dropbox and banks all uses 2-step authentication. Now you can too on your WordPress site. WordPress security plugins will be big in 2015. [photo]