We take the security of your website serious which is why we require all website administrators to use two-factor authentication (aka 2FA) to log into their website. If you signed up for your website then you’re an administrator and are required to set it up in order to continue to access your website.
Two-factor authentication requires two forms of identification to log into your website admin dashboard. It requires your password (preferably a strong password) and a code from a device that you have such as your smartphone. The code you have refreshes every 30-seconds so it’s nearly impossible to get a hold of a code that’s still valid unless someone has your device.
These instructions will help you set up 2FA for your website which is the first thing you should do once you sign up for a website plan.
Download An Authenticator App
You will need to have an authenticator app on your smartphone or computer to set up 2FA. We recommend either of the following authenticator apps which are very popular and trustworthy.
- Authy – Download for iOS or Download for Android
- Google Authenticator – Download for iOS or Download for Android
Once you’ve downloaded your preferred authenticator app then you can set up two-factor authentication in your WPHubSite WordPress admin dashboard.
Enable And Set Up 2FA
Step 1: Log into your WPHubSite WordPress admin dashboard by going to your domain with /login/ at the end of it. (ex. https://domain.wphubsite.com/login/ or https://www.domain.com/login/).
Step 2: Open the Login Security page in your admin dashboard navigation.
Step 3: Download or save the recovery code in case you lose your authenticator app access or device. Be sure you have this in a very secure location that’s not easily accessible.
Step 4: Use your authenticator app to scan the QR code that’s displayed in your WPHubSite admin dashboard.
Note: The pictures to the right is Authy which is a free authenticator app. You can download Authy for iOS and Authy for Android.
Step 5: Name the account something you will recognize later. You can name it WPHubSite Website or something along those lines.
Step 6: Once your account is created in your authenticator app then you will have a code available that refreshes every 30 seconds. Type the code into code box.
Step 7: Click the Activate button to complete enabling two-factor authentication for your login.
Step 8: The next time you log into your website you will first log in with your username and password and then with your 2FA code. You can set your browser to remember the current device for 30 days.
Step 9: Click the Log In button to log into your account. If you selected to remember your password for 30 days then you won’t see the 2FA code box for 30 days.
That’s it! Your account is now more secure than ever. Nobody can log into your website without having access to your username, password, and your authenticator app.
Note: Keep in mind that you should never share any of this information with anybody. You can create unique logins for anybody (number available to your account varies by plan) who needs access to your admin dashboard.