The simplest way to add two-factor authentication (2FA) to WordPress

No more excuses: secure that WordPress login today

Ben Zumdahl
Oct 9, 2018 · 2 min read
(screenshot from Duo setup video)

On a recent project, a client requested that we enable two-factor authentication (2FA) for a WordPress website (a very good idea). We’d used Duo, a best-in-class security provider, on custom-built Rails applications before, but never with WordPress. We opted to try it here and I’m glad we did: it turns out setup was effortless and it’s easy to use.

Why Duo?

  1. It can be used free with up to 10 users
  2. There is a well-maintained plugin that makes set up quick and easy
  3. You can require two-factor for all users or only specific user roles
  4. Users can easily self-enroll (i.e., no burdensome set up)

How does it work?

After configuration, users go to the same WordPress login page as before. After entering the username and password a new prompt appears, which walks the user through authenticating a second way: either via a text message or the Duo app (or even a voice call).

Want to get started?

  1. Sign up for a free Duo account
  2. Install the WordPress plugin
  3. Watch the brief setup video

It took me less than 15 minutes to get signed up, configured, and logged into the WordPress website using Duo’s two-factor authentication. Given the benefits, cost (free), and ease of use, I anticipate we’ll be similarly enhancing many client WordPress sites in the near future.

Need a partner to help you secure your WordPress website? Let us know how we can work with you, today:

Fiat Insight

Building products with purpose. Since 2010.

Ben Zumdahl

Written by

Lead Developer at Fiat Insight

Fiat Insight

Building products with purpose. Since 2010.