Friday, November 30, 2012

Securing WordPress User Accounts? Try Two-Factor Authentication


According to the folks from WordPress, over 60 million people have chosen it to power their space on the web. That's a pretty impressive number and well deserved. I've been using WordPress since its earliest versions and goodness it's been a great ride. Sadly, popularity also makes it a bigger target for nasty people like hackers.

It really doesn't matter what you use WordPress for - a profitable venture or just a place to share your creativity. I bet if you lost your site today you'd be crushed. That's why you should take precautions to avoid it as much as possible, or at the very least minimize the impact.

If you go to WordPress.org's Codex, there is a list of things you can do to help you close some loopholes and tighten the security of your site. Among the items in the list is to secure administrative access.

This can be done by password protecting your wp-admin folder. It requires no extra cost other than a few minutes of your time to set up and it is often effective enough.
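One way to set this up, as an added example that is not from the original post or the Codex. It assumes Apache 2.4 with `.htaccess` overrides for authentication allowed on the host; the password file path and the `youruser` name are placeholders.

```apache
# File: wp-admin/.htaccess  (added example, Apache 2.4 syntax assumed)
#
# Create the password file first, outside the web root so it can never
# be served as a page (placeholder path and user name):
#   htpasswd -c /path/outside/webroot/.htpasswd youruser

AuthType Basic
AuthName "Restricted admin area"
AuthUserFile /path/outside/webroot/.htpasswd
Require valid-user

# Front-end features of some themes and plugins call admin-ajax.php on
# behalf of visitors who are not logged in. Without this exception those
# visitors would be shown the password prompt.
<Files "admin-ajax.php">
    Require all granted
</Files>
```

Basic authentication sends the password with every request in an easily decoded form, so use it only over HTTPS. Note that `wp-login.php` sits in the WordPress root, not in `wp-admin`, so the login form itself stays reachable and only the dashboard behind it gets the extra prompt.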

Another method I've tried lately is using a plugin called Duo Two-Factor Authentication. Here's how it works. When you log in to your WordPress-powered site, it'll present you with another authentication screen. This time, you are given the option to approve the login either through an app installed on your cell phone or by entering a numeric code sent to your cell phone via text or a phone call.

Sounds super high tech, right? And it is, but the plugin developers have made it easy to integrate into WordPress. There are a few easy steps you need to take.

You first install the plugin. Next, sign up for a free account at DuoSecurity.com. You'll receive an email with your logins. It took us a while to get that email so you may have to be patient when you first sign up. Once in, you set up an integration so you can receive the necessary application keys. When you are given the keys, simply paste them into your site and select who you want two-factor authentication to be turned on for.

Next time you log in, you will be asked to set up your second-level authentication. This involves answering a phone call or checking your cell for text messages while the system verifies and links your phone to your user account for this website. Once you're done with that, you're set.

If you're concerned about the number of steps needed to log in every single time, don't be. They've made it quite seamless and easy, especially if you have the app installed on your phone. All you need to do is hit approve and you'll automatically be logged into your admin area.

I find it very interesting to see the information of people trying to log in to my site using my account. It'll probably be even more satisfying when I get the chance to hit Decline to lock people out. Thankfully that has not happened at the time of writing.

Next time you want to secure your administrator account on WordPress, give two-factor authentication a go. There are plugins in the repository other than Duo that you can check out as well. By the way, I don't represent Duo or earn anything from sharing their product here. Just a happy and very impressed user.
