Wordfence’s (we use this within WordPress) Cellphone Sign-in
uses a technique called “Two Factor Authentication” which is used by banks, government agencies and military world-wide as one of the most secure forms of remote system authentication. It’s now available from Wordfence for your WordPress website. “Two Factor” relies on two things: Something you know (your password) and something you have (your cellphone). To access your website, you need to know your password and have your cellphone with you.
Cellphone sign-in is a two step sign-in process. When you enable this feature for a member, they first sign-in using their username and password. Then they receive an SMS on their cellphone containing a code. Then they sign in again using their username, and they reenter their password with a space and the code they received at the end of the password.
Cellphone Sign-in eliminates all common forms of brute force hacking. For a hacker to access a user account with Cellphone Sign-in enabled, they would have to steal a member’s cellphone to access their account. We recommend you enable Cellphone Sign-in for all Administrator level accounts.
To enable Cellphone Sign-in Authentication for a user account:
- Enter the username.
- Enter a phone number where the code will be sent when the member wants to sign in.
- Hit the enable button.
- An activation code is sent to the member’s phone.
- Get the activation code from the member and enter it next to the username in the list below.
- Click the “Enable” button to enable Cellphone Sign-in for that member.
- From now on the user will only be able to sign-in by using Cellphone Sign-in.
|Enter a username to enable Cellphone Sign-in:|
|Enter a phone number where the code will be sent:||Format: +1-123-555-5034|