Two Factor Authentication, also known as 2FA, two step verification or TFA (as an acronym), is an extra layer of security that is known as “multi factor authentication” that requires not only a password and username but also something that the user (and only that user) has on them – for example, a piece of information only they should know or have immediately to hand – such as a physical token.

Banks use 2FA tokens for secure logins – and have for years – but website owners are typically behind the times. We didn’t have a free and easy way to enable 2FA until Google announced back in 2011 that their users could utilize it as part of their account login credentials. They released an App called “Google Authenticator” which basically generates a code every few minutes that the user would have on-hand with them at all times on their phones. Microsoft and Yahoo followed suit shortly afterwards, and it’s now a pretty common thing to see, with over 100,000 unique users using Google Authenticator alone.

So where does it fit into WordPress? Well, if you enable two factor authentication on your website it means that nobody will be able to log in without that extra code, which you alone will have. You will never again have to worry about brute force attempts or password guessing, because it simply will. not. work.

