To set up Two-Factor Authentication (2FA) in WordPress using WP Ghost, you need to follow several steps that involve activating the feature and configuring 2FA for your user accounts.
Activate Two-Factor Authentication
- Go to WP Ghost > Overview > Features in your WordPress dashboard.
- Toggle the 2FA feature to “On” to enable it.
- Click Start Feature Setup to access the 2FA settings page.
Choose Your 2FA Method
Authenticator App (e.g., Google Authenticator):
- Go to WP Ghost > 2FA Login > Settings and activate 2FA Code.
- Use an authenticator app to scan the provided QR code. The app will generate a one-time code for each login attempt.
- Set up customization options, such as max failed attempts and ban duration.
Email Code:
- Alternatively, you can choose to receive a one-time code via email.
- Go to WP Ghost > 2FA Login > Settings, activate Email Code, and configure the email address for receiving codes.
For each user, click Add Two-Factor Authentication under their profile.
If using the authenticator app, scan the QR code or enter the text key into the app and enter the generated code to complete the setup. If using the email method, specify the email address to receive the 2FA code.
Testing
Log out and test the 2FA setup by logging in again. You’ll be prompted to enter the generated code (either from the app or email) to access the WordPress dashboard.
Read More: Two-Factor Authentication