Disclosure: This post contains affiliate links. If you buy or sign-up through one of those links, you won’t pay a penny more but we’ll get a small commission that helps us in running this blog. Read the Disclosure page.
Getting your blog hacked is the worst thing that can happen. Imagine one day you wake up only to find out you can’t log in to your site.
I know it’s scary, but it can happen anytime. There are many ways hackers used to get access to their target sites. One of them being the Brute Force method.
Brute Force is a trial-error method used by an application to decode encrypted passwords. They can use this method to encrypt your site login password.
That is why you need to have strong security to reduce such risks & Google Authenticator can help you with that.
If you want to know how to use Google Authenticator for your website to keep it secure, ensure to read it till the end.
- 13 Best Fiverr gigs for bloggers to ease your work
- 16 Blogging Tools & Resources for those who have no idea about blogging
What Is Google Authenticator?
Google Authenticator is an application that uses a two-step verification service with the help of a Time-based One-time Password Algorithm (TOTP) and HMAC-based One-time Password Algorithm (HOTP).
Two-step verification is also known as multi-factor authentication, where a user can only access an account after they successfully present several other evidence to an authentication mechanism apart from user name & password.
If you are using Google Authenticator, you will notice an extra text box in your WordPress login window for Google Authenticator Code. This is where you need to enter a code generated by the GA app.
Why Google Authenticator Is Useful?
Every day Google blacklist websites that are considered spam. Most of them are hacked sites that redirect visitors to other suspicious websites where their computers can become infected with viruses.
Usually, this happens when hackers inject malicious codes after getting access to the back end of the website. Thus, a secured site is a must, to avoid any online spam attacks.
With Google Authenticator, you can add an extra layer of security to your website. When you install it, GA adds a text box in your login window where you need to enter a code generated by the GA app. This code can only be seen from your smartphone, and the code refreshes every minute.
This means every code generated has a one-minute validity & you need to enter them within a minute, else it becomes invalid. Thus, if anyone wants to target your site, they need to figure out this code within one minute, which is quite hard to crack.
How To Use Google Authenticator?
- Install the Google Authenticator app on your smartphone. It is available for both Android & iPhone.
- Next, install the Google Authenticator WordPress plugin from your plugins section.
- Once the plugin is installed, go to Users > Your Profile.
- Under Google Authenticator settings, checkmark the Active option.
- Now open the app to see two options i.e. Scan a barcode & Enter a provided key.
- If you go with the barcode option, you need to scan the QR code found under Google Authenticator Settings with the smartphone app.
- Scan it & your GA app will get connected to the GA WordPress plugin.
- Alternately, you can also choose the second option i.e, ‘Enter a provided key’ to connect both of them. All you have to do is enter your account name (WordPress username) & key to get connected. The key can be found under the settings as shown below.
- Once it is connected, you can see a 6 digit code in the app which changes every minute (you can adjust the time). You need to enter the same on your WordPress dashboard login window within a minute to login.
This is how you can set-up & activate the Google Authenticator app on your WordPress site.
What If My Mobile Get Lost?
If you installed Google Authenticator, then the only way to login to your site is by entering the code generated on your mobile.
But what if your mobile gets lost? How will you login?
Don’t worry, even if your smartphone gets lost, you just need to uninstall the plugin from your site.
To do so, access your WordPress C-panel & open your file manager. Then, follow the below-mentioned root and delete the Google Authenticator folder.
Public_html > wp-content > plugins > google-authenticator
Once deleted, the plugin will be uninstalled, and then, you can log in normally as you always do.
Backup Your Website Data
I recommend that you should always backup your site data weekly. That’s because even if someone hacks and deletes all your website information, you can still revive it using your saved backup.
Though there are many plugins (both free & paid) for the same, I use the UpdraftPlus Backup plugin to schedule it weekly. This means Updraft will save all my website files and data on my Google Drive every week.
If you don’t want to save it on Google Drive, you can try other storage options like DropBox.
Overall, creating a backup of your entire website is a good practice to stay in the green zone.
Final Thoughts – How to Use Google Authenticator For Your Website
So, if you want to keep your website safe from hackers, using Google Authenticator is one option you got. Besides this, there are many different plugins available on WordPress that can keep your site safe from all the illegal online activities.
Now, it’s your turn to tell me, have your site ever hacked? You can drop your comments down below.