


2-step verification for WordPress

Security is a very important issue for any WordPress website. If you know about Google’s 2-step verification system, I am very happy to tell you that the same protection is now possible for WordPress websites. Google Authenticator generates 2-step verification codes on your phone, even when the smartphone has no Internet connection, and it works even with a local WordPress server running on your PC.


Now follow the process:


Authenticator for multiple accounts


First Step,

Download the app ‘Google Authenticator’ on your Android, iOS or BlackBerry device. This single app can work with multiple accounts on multiple sites. The download link for Android is

https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2


(Alternative link: https://play.google.com/store/apps/details?id=com.authy.authy, especially if you want to add multiple services like Facebook, Gmail, Yahoo, Amazon etc.)


Second Step,

Download the WordPress plugin ‘Google Authenticator’ from this location: https://wordpress.org/plugins/google-authenticator then install and activate it on your WordPress website.


(Alternative link: https://wordpress.org/plugins/miniorange-2-factor-authentication, especially if you want more options)


Third Step,

  • Go to your profile: Dashboard > Users > Your Profile
  • Find ‘Google Authenticator Settings’
  • Enable the option by clicking on ‘Active’
  • Modify the description so that you can recognize this specific account later in your Authenticator mobile app
  • Write down the secret key. If you lose your mobile, it will help you then
  • Now Save Profile

Setup 2 Step Verification


(Note that the plug-in works for multiple users, and each user can choose whether to enable it for their own account.)


Fourth Step,


Scan Code or Type Secret Key


From your phone’s Google Authenticator app, tap the upper right corner and choose ‘Set up account’ or ‘Add an account’. Choose to scan the barcode and point your camera at the QR code. Time-based codes provide better protection against phishing and key-loggers because each code is only valid for a short amount of time. Now add the account. You can add multiple accounts in the same way.


Asking for code


Test it,


Log out, and you will see an extra text field on the login form for the code. Remember, each code expires after a short amount of time for security purposes.


One Time Code


If you lose your mobile?

Buy a new smartphone and install the app. Now add a new (actually old) account using the secret key (which was shown above the barcode). The second way: if you are the owner of the website, rename the ‘Google Authenticator’ plug-in folder for one minute using cPanel. While the folder is renamed the plug-in does not load, so the login form asks no user for a code; keep that window as short as you can. Log in quickly and retrieve the secret key. Now rename the plug-in folder back to its original name.


Happy blogging!

