Protect your WordPress connection

Posted by

WordPress is often criticized for its security problems, but it’s an easily accessible tool for creating a website. In this article we will see an essential element, the protection of access to the administration panel thanks to the two-factor authentication.

I have tested several plugins and for the moment the one that has given me the greatest satisfaction is: Two-Factor: Two-Factor

Its advantages are:
– Availability of several options to authenticate
– Flexibility in activating options
– Support for several U2F keys

Set up

In the plugins management interface search for Two-Factor and install it. Access your profile and you will be able to activate one or several options to secure your access after entering your password

Email: an email sent you to validate the access. This is the same as that used by the account, so it is a fairly insecure option

Code OTP: a fairly easy to use option but of medium security

FIDO U2F: very safe, but quite restrictive. Provide an emergency key or combine with the single-use code

Single use Code: very difficult to use, can only be used as a backup method

Securing

After entering your password, your second factor will be requested. If your password is stolen, the intruder will not be able to connect.
The change to 2FA may also be used to detect possible re-appropriation of accounts by a third party.

Security is not an absolute science and no system is perfect. It is a question of stacking the layers and making the task as difficult as possible for the attacker while keeping a certain comfort of use.

Leave a Reply

Your email address will not be published. Required fields are marked *