When it comes to protecting your WordPress blog, you should do everything necessary to secure it. One area I’d recommend all webmasters look into is enabling two-step and single sign on authentication with WordPress.
There are multiple plugins that enable two factor authentication with WordPress and many of them are really good.
I personally opt for Jetpack. Jetpack is a free plugin created by WordPress developers to provide more features to enhance WordPress. I don’t use all the features added to Jetpack, but Single Sign On (SSO) is one of the features I enable on all my WordPress websites.
This brief tutorial is going to show students and new users how to enable 2 factor and SSO authentication with WordPress using Jetpack. When it is enabled, only users who received the authentication code on their mobile device will be allowed to sign on to the site’s admin dashboard.
This will greatly enhance your blog security. Other security requirements should probably be implemented to provide a robust security measurement for your WordPress sites.
To enable Jetpack 2-factor / SSO authentication with WordPress, follow the guide below:
Step 1: Sign up for a free WordPress.com account
Before you can use Jetpack, you must have a free wordpress.com account. Go to the link below go sign up for a free account. After signing up, log back onto your account and go to your Profile –> Security –> Two-Step Authentication.
After enabling the two-step authentication and providing the mobile device number to receive the authentication codes, logon back onto your WordPress blog and install the free Jetpack plugin.
Step 2: Install Jetpack plugin on WordPress
To install the free Jetpack plugin, logon to your WordPress admin dashboard and go to Plugins –> Add New. The search for and install Jetpack
Step 3: Connect Jetpack to WordPress.com and turn on SSO
After installing and activating Jetpack, go to Jetpack –> Settings –> Security –> and turn on Single Sign On. You should connect Jetpack to wordpress.com first before you will see the settings page. Check the box to Require Two-Step Authentication and save your settings. You don’t have to Match by Email. you can leave unchecked.
Save your settings and you’re done.
Step 4: Add Jetpack codes to your theme’s file.
Finally, you need to add the two lines of codes to your theme’s function.php file. To edit the function.php file for your theme, click Appearance –> Editor as shown in the image below.
Then add the two lines to the middle of the theme’s functions.php file, on a blank line and save.
add_filter( 'jetpack_remove_login_form', '__return_true' ); add_filter( 'jetpack_sso_require_two_step', '__return_true' );
Save the file and you’re done. After saving the changes, logout of WordPress and try go log back in, you should see a message to logon with wordpress.com.
Visit the page below to see all custom code settings you can use with Jetpack.