Keeping your child sites secure is always worth taking the time to setup now more than ever. There is a new easy-to-use plugin for 2FA (two-factor authentication), and it is called WP 2FA. The plugin is from the same developers as WP Security Audit Log.
After you have installed and activated the WP 2FA plugin on your child site, you can quickly go through the setup wizard. The recommended method will be to use the Google Authenticator application available for iOS and Android.
The setup wizard will guide you through the QR code to scan in the Google Authenticator application, which means that before going through this, you will need to have the application downloaded and installed on your phone.
During the setup wizard, you can choose which user roles will need to use 2FA and which user roles you want to exclude from 2FA.
You can also set the grace period before users will be forced to use 2FA in order to be able to log in on the child site.
Once you have gone through the setup wizard, you will need to scan the WP2fa generated code.
Scan the above QR from Google Authenticator or any other authenticator application and enter the code like below.
Alternatively, you can generate backup codes that can be downloaded or printed.
After enabling the WP 2FA plugin, once you’ve logged in to wp-login.php, you’ll be required to keep your Google Authenticator application open. When prompted, enter the current 2FA code generated by the application.
If you encounter any difficulties using the Google Authenticator application, don’t worry. You can utilize one of the backup codes to access your WordPress site.
The WP 2FA plugin offers a user-friendly solution to enhance the security of your sites through two-factor authentication.
