Accesses protected by 2FA
For a few years now, it has been shown that it is not enough to have a username and password to protect access to a website, mainly to the administration area of the site, which in the case of WordPress is the dashboard and this has led the security industry to develop additional or “extra” systems to add more layers of protection to website login forms, whatever their nature.
This additional layer of security is called second factor authentication or “authorization” and serves to validate an access, apparently legitimate, of a user who has the access credentials (username and password) to guarantee that you can enter WordPress not only because you have the access data (they could be stolen of a legitimate owner) but because it validates that access with another method, in the case of 2FA a mobile device that, through an application, generates a code in real time, which changes every few seconds/minutes and authenticates the access as legitimate.
In WordPress there are many ways to add 2FA as an additional layer of protection against access to the web administration panel, and one of them is CiberProtector and its 2FA code manager, which help the user who owns the site or with legitimate access (Contributor, Author, etc.) to pass the threshold of wp-admin or wp-login.php seamlessly, using the 2FA code generated by the app on your mobile device.
Facebook Comments
Disqus