WordPress adds 2-step authentication

Users of WordPress blogs may now expect better security from hackers with the new optional two-step authentication feature.

 

In a blog post, WordPress said the feature involves requiring a second code sent via SMS or a smartphone app, aside from the regular password.

 

"Two Step Authentication works like this: when you log in to your WordPress.com account, we’ll prompt you to enter a secret number. To get that secret number, you’ll need to download the Google Authenticator App on your smartphone. It generates a new number every 30 seconds, making it virtually impossible to guess," it said.

 

Users without a smartphone, can opt to have the number sent to them via SMS.

 

WordPress advised users to print out some backup codes to keep in a safe place in case their phones are lost or stolen.

 

Also, it noted some apps that connect to WordPress.com accounts such as the WordPress mobile apps do not fully support two-step authentication yet.

 

"For these apps, you can generate unique passwords to use with each one (for example, you can have a different password on your phone and your tablet). If your device ever goes missing, you can disable its password with a single click, locking it out of your account," it said. — TJD, GMA News