Two-factor authentication (2FA) settings and password management

Choosing a two-factor authentication method

Step One: Choose Type

When you first log into your WordPress admin area, you will be prompted to select a two-factor authentication method: either email or app. Many websites require this now because of the added level of security; for your website, it helps ensure that things stay secure and your password cannot be guessed easily or hacked without much effort. 

  • If you choose email, you’ll receive a one-time code to your email every time you go to log in. WordPress will confirm that the user email will receive the code, and they will also specify the address the code will come from so you can add it to your contacts and keep the email out of your spam folder.
  • If you already use a two-factor authentication app (such as Google Authenticator, Authy, or 1Password) and know how to use it, feel free to select this option.

Step Two: Validate & Save

You’ll be asked to enter a code received via the option you selected. Paste that code into the space provided and click VALIDATE & SAVE. This ensures that 2-factor authentication has been set up.

Step Three: Generate Backup Codes

At this point, you’ll be given the option to generate a list of backup codes. You will want to do this in case there’s ever an issue with your email or the app that prevents you from getting a code in real-time. Store these backup codes somewhere safe, either in your password manager or another file that is secure and only accessible to you.

Note: Use your backup codes sparingly. They can be used in place of the code you would normally receive via email or app. 

🚨 Caution: Anyone with these codes will be able to access your entire account, so keep them in a safe and secure location. 

Changing your two-factor authentication method

Step One: Navigate to Users

Go to the Users tab and select your own user account. (You will have to be signed in to do this.) At the bottom, there will be options for changing your two-factor authentication method.

Step Two: Update Profile

Use the options available to either switch to using an app or change the email address used for your two-factor authentication. Be sure to complete all the steps required to make either change, and save changes by clicking Update profile at the bottom when you’re done.

Generating more backup codes

Step One: Select your account

Go to the Users tab and select your own user account. (You will have to be signed in to do this.) At the bottom, there will be a button for generating more codes.

Step Two: Generate codes

Click on Generate list of backup codes and save them to a secure location. 

Changing your password or the password for another user

Step One: Navigate to Users

Go to the Users tab and select the user whose password needs to be reset. Under Account Management, you’ll see New password. Click the button that says Set New Password. Then click on Update profile at the bottom of the page to save the changes.

Note: This will make the old password for the user invalid. If you’re doing this for someone else, we don’t recommend sending the new password via email or any other plain text method. 

Step Two: Enter new password

Either use the new password to log in or use the Forgot your password? option on the login screen (this is what we recommend for users other than yourself when you’ve reset their password for them). 

Was this helpful?

Thanks for your feedback!

Leave a Reply

Your email address will not be published. Required fields are marked *

Table of Contents