How to use two-factor authentication in WordPress with Clef
This article describes how to configure WordPress to use two-factor authentication with the Clef plugin. The Clef plugin works together with mobile devices to provide two-factor authentication services for WordPress.
Two-factor authentication is more secure than only requiring users to type a password, and helps secure your site against unauthorized access.
Step 1: Install the Clef app on a mobile device
Before you install the WordPress plugin, download and install the Clef app on one of your mobile devices, such as a smartphone or tablet.
Clef currently supports the following operating systems:
After you install the app on your mobile device, follow the prompts to create a Clef login account.
Step 2: Install the Clef plugin in WordPress
After you install the Clef app on your mobile device, you are ready to install the Clef plugin in WordPress. To do this, follow these steps:
- Log in to your WordPress site as the administrator.
- In the left-hand pane, click Plugins.
- Click Add New.
- In the Search Plugins text box, type clef, and then press Enter.
- Locate Clef Two-Factor Authentication, and then click Install Now.
- After WordPress finishes installing the plugin, click Activate Plugin.
To configure the Clef plugin to work with your WordPress site, follow these steps:
- Log in to your WordPress site as the administrator.
- In the left-hand pane, click Clef.
- Click Get Started.
- Click I already have the app.
- WordPress displays the Clef wave. On your mobile device, start the Clef app, and then hold the device up to the screen so the two waves can synchronize.
- After the two waves synchronize, two things happen:
- The mobile device confirms the login, and displays a timer that shows how much longer the login session remains valid.
You can change the login timer settings to any duration you choose.
- In WordPress, an e-mail verification box appears. If you want to change the e-mail verification address, type the new e-mail address and then click the green icon.
Log in to the e-mail address that you specified for verification, and then click the hyperlink in the message from Clef to verify the e-mail address.
- Click Complete setup. You can invite additional users to use Clef for logins. When you are done, click Continue and finish setup.
You can now log in to WordPress using Clef. Whenever you try to log in to WordPress after a session expires, the WordPress login page shows the Clef wave. Hold your mobile device up to the screen so the two waves can synchronize, and then Clef logs you in automatically.
Disabling Clef for WordPress
If you want to disable Clef logins for WordPress, follow these steps:
- Log in to your WordPress site as the administrator.
- In the left-hand pane, click Clef.
- Under Disable passwords, clear the Disable passwords for Clef users check box, and then click Save Changes.
- In the left-hand pane, click Plugins, and then click Installed Plugins.
- Locate Clef, and then click Deactivate. You can now log in to WordPress using only a username and password.
Related Articles