{"id":4462,"date":"2014-05-17T09:35:14","date_gmt":"2014-05-17T09:35:14","guid":{"rendered":"http:\/\/demo.momizat.net\/goodnews\/?p=201"},"modified":"2014-05-17T09:35:14","modified_gmt":"2014-05-17T09:35:14","slug":"google-two-factor-authentication","status":"publish","type":"post","link":"https:\/\/bulandrashtrawadi.in\/?p=4462","title":{"rendered":"Google Two-Factor Authentication"},"content":{"rendered":"<figure class=\"final-product final-product--image\"><img decoding=\"async\" src=\"https:\/\/cms-assets.tutsplus.com\/uploads\/users\/317\/posts\/22263\/final_image\/preview.jpg\" alt=\"Final product image\" \/><figcaption>What You&#8217;ll Be Creating<\/figcaption><\/figure>\n<p><a href=\"http:\/\/codex.wordpress.org\/Brute_Force_Attacks\" target=\"_self\" rel=\"noopener\">Brute force login attacks<\/a> targeting WordPress sites are quite common, such as in April 2013 when <a href=\"http:\/\/mashable.com\/2013\/04\/15\/hackers-wordpress-blogs\/\" target=\"_self\" rel=\"noopener\">more than 90,000 sites were targeted<\/a>. There are a handful of good ways to protect yourself against these attacks:<\/p>\n<ul>\n<li>Choosing a strong administrator password<\/li>\n<li>Installing a plugin that guards against brute force logins, such <a href=\"https:\/\/wordpress.org\/plugins\/all-in-one-wp-security-and-firewall\/\" target=\"_self\" rel=\"noopener\">All in One WP Security<\/a> or <a href=\"https:\/\/wordpress.org\/plugins\/bruteprotect\/\" target=\"_self\" rel=\"noopener\">BruteProtect<\/a><\/li>\n<li>Changing the default wp-admin url with a plugin such as <a href=\"https:\/\/wordpress.org\/plugins\/hc-custom-wp-admin-url\/\" target=\"_self\" rel=\"noopener\">HC Custom URL<\/a><\/li>\n<\/ul>\n<p>However, I prefer to use a <a href=\"http:\/\/en.wikipedia.org\/wiki\/Two-step_verification\" target=\"_self\" rel=\"noopener\">two-factor authentication method<\/a> that requires a code from my phone to complete the login process. <a href=\"https:\/\/support.google.com\/accounts\/answer\/1066447?hl=en\" target=\"_self\" rel=\"noopener\">Google&#8217;s Authenticator<\/a> has been gaining ground as a mobile app for providing secure codes. In fact, you may already have the Google Authenticator app on your phone, as a number of web services are now integrating with it, including cloud file store provider <a href=\"https:\/\/www.dropbox.com\/\" target=\"_self\" rel=\"noopener\">Dropbox<\/a>, cloud hosting provider <a href=\"https:\/\/www.digitalocean.com\/\" target=\"_self\" rel=\"noopener\">Digital Ocean<\/a>, and name service provider <a href=\"http:\/\/gandi.net\/\" target=\"_self\" rel=\"noopener\">Gandi.net<\/a>.<\/p>\n<p>And, fortunately, there is a simple <a href=\"https:\/\/wordpress.org\/plugins\/google-authenticator\/\" target=\"_self\" rel=\"noopener\">WordPress plugin<\/a> by <a href=\"https:\/\/profiles.wordpress.org\/henrikschack\/\" target=\"_self\" rel=\"noopener\">Henrik Schack<\/a> that integrates with Google 2fa; it&#8217;s also called Google Authenticator. Installing and using this plugin is quite easy\u2014and the security benefit is significant.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/cms-assets.tutsplus.com\/uploads\/users\/317\/posts\/22263\/image\/google-auth-plugin.jpg\" alt=\"Google Authenticator WordPress Plugin by Henrik Schacks\" \/><\/p>\n<p>This tutorial will walk you through setting up the Google Authenticator WordPress plugin for your own sites.<\/p>\n<h2 class=\"nolinks\">Installing the Google Authenticator Plugin<\/h2>\n<p>From your WordPress Dashboard, go to install a new plugin and search for Google Authenticator, and click <strong>Install Now<\/strong>:<\/p>\n<figure class=\"post_image\"><img decoding=\"async\" src=\"https:\/\/cms-assets.tutsplus.com\/uploads\/users\/317\/posts\/22263\/image\/install-ga.jpg\" alt=\"Install the Google Authenticator Plugin\" \/><\/figure>\n<p>Then, click <strong>Activate Plugin<\/strong>:<\/p>\n<figure class=\"post_image\"><img decoding=\"async\" src=\"https:\/\/cms-assets.tutsplus.com\/uploads\/users\/317\/posts\/22263\/image\/installing.jpg\" alt=\"Activate the plugin\" \/><\/figure>\n<p>From the dashboard, click <strong>Users &gt; Your Profile<\/strong> and scroll down to the Google Authenticator settings:<\/p>\n<figure class=\"post_image\"><img decoding=\"async\" src=\"https:\/\/cms-assets.tutsplus.com\/uploads\/users\/317\/posts\/22263\/image\/authenticate-settings.jpg\" alt=\"Google Authenticator Plugin Settings\" \/><\/figure>\n<p>Click on the checkbox for <strong>Active<\/strong>. Modify the description so that you will recognize the site on your Google Authenticator mobile app and show the QR code.<\/p>\n<p>Note that the plugin works for multiple users\u2014and each user has the choice of enabling it for themselves.<\/p>\n<h3 class=\"nolinks\">Adding Your Site to the Mobile Authenticator App<\/h3>\n<p>From your mobile Google Authenticator App, click the upper right pen (for editing). Click the plus sign at the bottom for adding a site. Choose to scan the barcode and point your camera at the QR code. The process is quite fast.<\/p>\n<figure class=\"post_image\"><img decoding=\"async\" src=\"https:\/\/cms-assets.tutsplus.com\/uploads\/users\/317\/posts\/22263\/image\/mobile-setup2.jpg\" alt=\"Add Your WordPress Site to Mobile Google Authenticator App\" \/><\/figure>\n<p>Log out of your WordPress site and you should see the additional field for Google Authenticator on your login screen!<\/p>\n<figure class=\"post_image\"><img decoding=\"async\" src=\"https:\/\/cms-assets.tutsplus.com\/uploads\/users\/317\/posts\/22263\/image\/wp-login-2fa.jpg\" alt=\"WordPress Login with Google Authenticator Two Factor Authentication\" \/><\/figure>\n<p>To log in, enter your username and password as usual, but visit your Google Authenticator mobile app to get the additional code for logging in. The codes are time-critical and expire every few minutes.<\/p>\n<figure class=\"post_image\"><img decoding=\"async\" src=\"https:\/\/cms-assets.tutsplus.com\/uploads\/users\/317\/posts\/22263\/image\/get-the-code.jpg\" alt=\"Retrieve your mobile authenticator code to login\" \/><\/figure>\n<p>Congratulations, you&#8217;ve successfully implemented two-factor authentication on your WordPress site.<\/p>\n<h3 class=\"nolinks\">Troubleshooting<\/h3>\n<p>In writing this tutorial, I was accidentally logged out of my site before I had registered my site with the mobile app. I couldn&#8217;t log back in\u2014but luckily, there is a <a href=\"https:\/\/wordpress.org\/support\/topic\/logged-out-of-wp-admin-before-setting-up\" target=\"_self\" rel=\"noopener\">simple solution<\/a> listed on the plugin support page.<\/p>\n<p>I just had to log in via SSH to my server and change the name of the plugin folder temporarily. Then, I logged back into WordPress, reset the plugin folder name, added my site on my mobile app, and I was good to go.<\/p>\n<p>Another way to do this is through the database using a tool such as <a href=\"http:\/\/code.tutsplus.com\/tutorials\/installing-and-using-phpmyadmin-for-web-development--cms-21947\" target=\"_self\" rel=\"noopener\">PHPMyAdmin<\/a>and <a href=\"http:\/\/perishablepress.com\/quickly-disable-or-enable-all-wordpress-plugins-via-the-database\/\" target=\"_self\" rel=\"noopener\">these queries<\/a>. If you&#8217;re not self-hosting, you may need to request help from your hosting company.<\/p>\n<h2 class=\"nolinks\">In Closing<\/h2>\n<p>I hope you&#8217;ve found this useful; now go secure your WordPress sites.<\/p>\n<p>Please post any comments, corrections or additional ideas below. You can browse my other Tuts+ tutorials on <a href=\"http:\/\/tutsplus.com\/authors\/jeff-reifman\" target=\"_self\" rel=\"noopener\">my author page<\/a> or follow me on <a href=\"https:\/\/twitter.com\/intent\/user?screen_name=reifman\" target=\"_self\" rel=\"noopener\">Twitter @reifman<\/a>.<\/p>\n<p>&nbsp;<\/p>\n<p>from : http:\/\/code.tutsplus.com\/tutorials\/using-google-two-factor-authentication-with-wordpress&#8211;cms-22263<\/p>\n<blockquote class=\"mom_quote \" style=\"font-family:verdana;font-size:14px;font-style:italic;border-left-color:#dd9933; color:#474747; background-color:#F5F5F5; \"><span class=\"quote-arrow\" style=\"border-left-color:#dd9933;\"><\/span>This Demo Content Brought to you by <a href=\"http:\/\/momizat.com\/\" target=\"_blank\" rel=\"dofollow noopener\">Momizat Team<\/a> <\/blockquote>\n<h2>this is tags and keywords : wordpress themes momizat Tutorial wordpress  templates<\/h2>\n","protected":false},"excerpt":{"rendered":"<p>What You&#8217;ll Be Creating Brute force login attacks targeting WordPress sites are quite common, such as in April 2013 when more than 90,000 sites were targeted. There are a handful of good ways to protect yourself against these attacks: Choosing a strong administrator password Installing a plugin that guards against brute force logins, such All [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":202,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_bbp_topic_count":0,"_bbp_reply_count":0,"_bbp_total_topic_count":0,"_bbp_total_reply_count":0,"_bbp_voice_count":0,"_bbp_anonymous_reply_count":0,"_bbp_topic_count_hidden":0,"_bbp_reply_count_hidden":0,"_bbp_forum_subforum_count":0,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[75,78,79,80,83],"_links":{"self":[{"href":"https:\/\/bulandrashtrawadi.in\/index.php?rest_route=\/wp\/v2\/posts\/4462"}],"collection":[{"href":"https:\/\/bulandrashtrawadi.in\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bulandrashtrawadi.in\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bulandrashtrawadi.in\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bulandrashtrawadi.in\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=4462"}],"version-history":[{"count":0,"href":"https:\/\/bulandrashtrawadi.in\/index.php?rest_route=\/wp\/v2\/posts\/4462\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bulandrashtrawadi.in\/index.php?rest_route=\/wp\/v2\/media\/202"}],"wp:attachment":[{"href":"https:\/\/bulandrashtrawadi.in\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=4462"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bulandrashtrawadi.in\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=4462"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bulandrashtrawadi.in\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=4462"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}