WordPress.com has introduced a new way to protect its users. What is it? A security guard, a guard dog or a heavy metal lock for each blog? No! The company has rolled out two-step authentication, which gives its users an added layer of protection.

While giants like Facebook, Google, Yahoo and (to some extent) Apple rolled out this feature for their users long ago, WordPress.com is the most recent member to join the league. The idea behind this new security measure is to ask users to verify their credentials via two means as they log into their accounts.

Users who turn on this security feature on their WordPress.com blog will still be able to use their old password. In addition, after every login attempt, they will be prompted to enter a unique numerical code, which can be generated using the Google Authenticator app, available on all major smartphones. For phones that do not support this app, Nokia and Windows for instance, several third-party apps are available. Users also have the option of receiving the code via simple text message on regular mobile devices.

The official WordPress.com blog lists the process of activating the two-step authentication on your WP blog. Here is how users can go about it:

Open the new Security tab, which appears under your WordPress.com account settings, and follow the instructions listed in the setup wizard.

Once this security feature is activated, there are a couple of things which the users need to wrap up as well. These include:

Backup Code Generation:

If users' smartphones are lost or stolen, how would they access their WordPress.com account? To solve this problem, the company has introduced the concept of backup codes. Users can print these codes from WordPress.com and store them in the safest place known to them (a file cabinet, a wallet or a document case), but not on any networked device. One needs to be careful before experimenting with this, because once users hit the 'Generate Backup Codes' button, all previously generated codes are discarded.

Generating Passwords for Specific Applications:

Several apps that are used in sync with WordPress.com accounts do not support the two-step authentication system. For these applications, users can generate unique passwords, one for each application. If a user loses a device, they can disable the password for it in a single click and lock it out of their account.

It’s Highly Encrypted

This dual authentication procedure introduced by WordPress.com is highly encrypted. According to company officials, the authenticator app generates a new numeric code every 30 seconds, which makes it virtually impossible for anyone to guess. All users need to do is unlock their phones and punch in the code. This authentication system ensures that even if attackers get hold of someone's account password, they are unable to breach the account.

While no security app or authentication combination can ensure 100 per cent security of an account or app, requiring something that is known to the user and something that is owned completely by them will make it an uphill battle for attackers to attempt any possible cyber crime.
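As an added illustration (not code from WordPress.com or from the original article): Google Authenticator codes follow the TOTP standard (RFC 6238), and the sketch below shows how a server could derive and check the 30-second code. The 6-digit SHA-1 parameters, the one-step clock drift allowance, the `last_used` replay check and all function names are assumptions made for the example.

```python
import hashlib
import hmac
import struct
import time

STEP = 30    # seconds each code stays valid, as described in the article
DIGITS = 6   # assumed code length (Google Authenticator default)
DEMO_KEY = b"12345678901234567890"  # constructed: RFC 6238 test key, not a real secret


def hotp(key: bytes, counter: int, digits: int = DIGITS) -> str:
    """HOTP (RFC 4226): HMAC-SHA1 over the counter, then dynamic truncation."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(key: bytes, now: float, digits: int = DIGITS) -> str:
    """TOTP (RFC 6238): HOTP with counter = floor(unix_time / STEP)."""
    return hotp(key, int(now) // STEP, digits)


def verify(key: bytes, submitted: str, now: float, last_used: int = -1, drift: int = 1):
    """Return the matched time step, or None if the code is rejected.

    Tolerates +/- `drift` steps of clock skew between phone and server, and
    refuses any step <= last_used so an observed code cannot be replayed
    while its window is still open.
    """
    current = int(now) // STEP
    matched = None
    for step in range(max(0, current - drift), current + drift + 1):
        candidate = hotp(key, step).encode()
        # compare_digest avoids leaking how many leading digits matched
        same = hmac.compare_digest(candidate, submitted.encode())
        if same and step > last_used:
            matched = step
    return matched


if __name__ == "__main__":
    code = totp(DEMO_KEY, time.time())
    print("current code:", code)
    print("accepted at step:", verify(DEMO_KEY, code, time.time()))
```

The caller stores the returned step as the account's new `last_used` value after a successful login, which is what makes each code single-use.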



Nick Carter is a freelance blogger associated with a WordPress CMS development company on a full-time basis. He has been blogging for the company for the past 5 years and currently heads the editorial team of various WordPress web technology blogs.
