How To: Setup 2FA in WordPress

  1. Log In to Your WordPress Dashboard
    • Go to your website’s login page (e.g., yoursite.com/wp-admin).
    • Enter your username and password to log in.


  2. Open Your Profile or Wordfence Login Security Page
    • After logging in, look for a notice at the top of the Dashboard that mentions “Configure 2FA” or “Activate 2FA.”



    • Alternatively, click on “Users” in the left menu, then “Profile” (or click on your username)
    • Scroll down until you see “Wordfence Login Security” or “Two-Factor Authentication”.



  3. Begin the 2FA Setup
    • Click the button that says “Configure 2FA” or “Activate 2FA.”
    • You’ll see a QR code and a text code (also called a “key”).



  4. Install an Authenticator App on Your Phone
  5. Scan the QR Code or Enter the Text Key
    • Open your authenticator app and find the option to add a new account.
    • Scan the QR code on your computer screen using your phone’s camera.
      • If you can’t scan the QR code, choose the option to manually enter the code (the text key) shown on the screen into your authenticator app.


  6. Enter the 6-Digit Code
    • Your authenticator app will show a 6-digit code that refreshes every 30 seconds.
    • Type this code into the “Enter Code from Authenticator App” field on your WordPress site.


  7. Activate and Save
    • Click “Activate” or “Save” to confirm.
    • You may see a message confirming that 2FA is now active.


  8. Save Your Backup Codes
    • Wordfence will provide backup codes you can download.
    • Keep these codes somewhere safe (like on paper or in a password manager). They can help you log in if you lose access to your phone.

That’s it!

Your WordPress account now has an extra layer of security. Each time you log in, you’ll first enter your usual username and password, then you’ll be prompted to enter the 6-digit code from your authenticator app. If you have any questions or run into any issues, just let me know!