The security of a website and preventing it from being hacked is one of the major problems that most webmasters face worldwide. It’s now very common to hear about security breaches nearly every day, some of which are due to bugs like the heartbleed bug, bash shell or POODLE, and if that wasn’t enough hackers continuously bang on websites and specially WordPress (as most of the users aren’t careful enough) to know the username and password and thus hijack the website.
One of the most effective ways to protect your website from being hacked is to use two factor authentication. Two factor authentication adds a second layer of security to your website, so even if the bad guys could guess your password and username they will be stopped by this second layer of security, there are various protocols for two factor authentication and it’s not the aim of this post to present and compare them. The aim of this post is to present to you how to add second factor authentication to your website using a very simple and convenient way using the plugin called Authy. So let’s dive into the steps:
Step One
First you’ll need to create an account on Authy’s website.
Link: https://dashboard.authy.com/signup?
After registering, generate an API key for your website.

Step Two
Download Authy’s plugin to your website.
Link: https://wordpress.org/plugins/authy-two-factor-authentication/

Step Three
After downloading and activating the plugin, open Authy settings page from your Dashboard >>Settings >>Authy. Copy and paste the API key you’ve generated from the first step.

Step Four
Download Authy’s app from either iOS or Android.
Step Five
Go to your profile and then to the Dashboard >>Users >> Your Profile and enable Authy. Then click on the blue “Update profile” tab.

Step Six
Log-out and try logging in back again and you’ll be prompted by a new window after entering your regular username and password. You should enter the Authy tokens that you’ll get using the mobile app.

Now, you’ve successfully added a second layer of security to your WordPress website.