Choosing a two-factor authentication method
Step One: Choose Type
When you first log into your WordPress admin area, you will be prompted to select a two-factor authentication method: either email or app. Many websites require this now because of the added level of security; for your website, it helps ensure that things stay secure and your password cannot be guessed easily or hacked without much effort.
- If you choose email, you’ll receive a one-time code to your email every time you go to log in. WordPress will confirm that the user email will receive the code, and they will also specify the address the code will come from so you can add it to your contacts and keep the email out of your spam folder.
- If you already use a two-factor authentication app (such as Google Authenticator, Authy, or 1Password) and know how to use it, feel free to select this option.
Step Two: Validate & Save
You’ll be asked to enter a code received via the option you selected. Paste that code into the space provided and click VALIDATE & SAVE. This ensures that 2-factor authentication has been set up.
Step Three: Generate Backup Codes
At this point, you’ll be given the option to generate a list of backup codes. You will want to do this in case there’s ever an issue with your email or the app that prevents you from getting a code in real-time. Store these backup codes somewhere safe, either in your password manager or another file that is secure and only accessible to you.
Note: Use your backup codes sparingly. They can be used in place of the code you would normally receive via email or app.
🚨 Caution: Anyone with these codes will be able to access your entire account, so keep them in a safe and secure location.
Changing your two-factor authentication method
Step One: Navigate to Users
Go to the Users tab and select your own user account. (You will have to be signed in to do this.) At the bottom, there will be options for changing your two-factor authentication method.
Step Two: Update Profile
Use the options available to either switch to using an app or change the email address used for your two-factor authentication. Be sure to complete all the steps required to make either change, and save changes by clicking Update profile at the bottom when you’re done.
Generating more backup codes
Step One: Select your account
Go to the Users tab and select your own user account. (You will have to be signed in to do this.) At the bottom, there will be a button for generating more codes.
Step Two: Generate codes
Click on Generate list of backup codes and save them to a secure location.
Changing your password or the password for another user
Step One: Navigate to Users
Go to the Users tab and select the user whose password needs to be reset. Under Account Management, you’ll see New password. Click the button that says Set New Password. Then click on Update profile at the bottom of the page to save the changes.
Note: This will make the old password for the user invalid. If you’re doing this for someone else, we don’t recommend sending the new password via email or any other plain text method.
Step Two: Enter new password
Either use the new password to log in or use the Forgot your password? option on the login screen (this is what we recommend for users other than yourself when you’ve reset their password for them).