Why Theme My Login?
Theme My Login allows you to bypass the default WordPress-branded login page that looks nothing like
the rest of your site. Instead, your users will be presented with the login, registration and password
recovery pages right within your theme.
Basically, by using a shortcode, this plugin adds a login and logout link on a specific
Page. We need 2FA to secure this Plugin which requires us to create a different level of information.
What is 2FA?
Two-factor authentication (TFA) is a method of establishing access to an online account or computer system
that requires the user to provide two different types of information.
By far the most common authentication factor in use today is the username/password pair, and since most
accounts only require a password for access, most systems thus use single-factor authentication for
security. With 2 factor authentication, you'll needto both provide a password and prove your identity some
other way to gain access.
Need of 2FA on Theme My Login
Adding one more step of authenticating your identity makes it harder for an attacker to access your data
on this form. This drastically reduces the chances of fraud, data loss, or identity theft.
How does it work?
It requires an additional login credential – beyond just the username and password – to gain account access,
and getting that second credential requires access to something that belongs to you.
Using Theme My Login (TML):
- Users can opt-in for two factor authentication
- Once enabled, users will need to enter a code based on the method they configure(SMS, Email, Google
Authenticator and others) to log in.
In our Plugin, we provide various methods to configure 2FA, like:
Step by step procedure to set 2FA on Theme My login form:
- Open the WordPress Dashboard, go to Plugin and click on Add New.
- Search the Plugin name here and Install the Plugin by clicking on Install
Now.
- Now, Click on Activate.
- After successful installation a popup will be open on the screen, click on Logout and Configure to configure 2FA.
- Now, fill the login credentials and click on LOG IN. If you do not have Theme My Login
installed, you can
follow the steps: Theme My Login Installation
- Here I am using Google Authenticator app which is one of the popular methods. You can
also choose
other options like SMS Verification, Email Verification.
- Now install Google Authenticator app in your phone and scan the barcode from the
current page.
- After that you can see Google Authenticator Application will give you security tokens or six digit
number to verify your identity. Enter that security token in the field below and click on Verify
and
Save.
Here we have successfully set up Two-factor authentication on Theme my login form. After this setup whenever
the user tries to login to his Wordpress account, The Two-factor method will be prompted as a second security
layer. Also, You can visit the plugin to explore more on the settings for prevent account sharing, managing
active sessions, protecting content and many more.
- Open TML login Page in a private window,Enter your account credentials, and click on Log
in.
- Now enter the security token from Google Authenticator app and click on
Validate.
- After that, you will be logged in to the WordPress.
