Setup two-factor on Theme My Login form



Why Theme My Login?

Theme My Login allows you to bypass the default WordPress-branded login page that looks nothing like the rest of your site. Instead, your users will be presented with the login, registration and password recovery pages right within your theme. Basically, by using a shortcode, this plugin adds a login and logout link on a specific Page. We need 2FA to secure this Plugin which requires us to create a different level of information.



What is 2FA?

Two-factor authentication (TFA) is a method of establishing access to an online account or computer system that requires the user to provide two different types of information.
By far the most common authentication factor in use today is the username/password pair, and since most accounts only require a password for access, most systems thus use single-factor authentication for security. With 2 factor authentication, you'll needto both provide a password and prove your identity some other way to gain access.



Need of 2FA on Theme My Login

Adding one more step of authenticating your identity makes it harder for an attacker to access your data on this form. This drastically reduces the chances of fraud, data loss, or identity theft.



How does it work?

It requires an additional login credential – beyond just the username and password – to gain account access, and getting that second credential requires access to something that belongs to you.

Using Theme My Login (TML):

  • Users can opt-in for two factor authentication
  • Once enabled, users will need to enter a code based on the method they configure(SMS, Email, Google Authenticator and others) to log in.


In our Plugin, we provide various methods to configure 2FA, like:

Step by step procedure to set 2FA on Theme My login form:


  • Open the WordPress Dashboard, go to Plugin and click on Add New.

    two-factor


  • Search the Plugin name here and Install the Plugin by clicking on Install Now.

    Two-Factor


  • Now, Click on Activate.

    Two-factor WordPress plugin


  • After successful installation a popup will be open on the screen, click on Logout and Configure to configure 2FA.

    two-factor on login form


  • Now, fill the login credentials and click on LOG IN. If you do not have Theme My Login installed, you can follow the steps: Theme My Login Installation

    Theme my login form


  • Here I am using Google Authenticator app which is one of the popular methods. You can also choose other options like SMS Verification, Email Verification.

    Google authenticator


  • Now install Google Authenticator app in your phone and scan the barcode from the current page.

    Google authenticator


  • After that you can see Google Authenticator Application will give you security tokens or six digit number to verify your identity. Enter that security token in the field below and click on Verify and Save.

    Two-factor


  • Here we have successfully set up Two-factor authentication on Theme my login form. After this setup whenever the user tries to login to his Wordpress account, The Two-factor method will be prompted as a second security layer. Also, You can visit the plugin to explore more on the settings for prevent account sharing, managing active sessions, protecting content and many more.

  • Open TML login Page in a private window,Enter your account credentials, and click on Log in.

    theme my login


  • Now enter the security token from Google Authenticator app and click on Validate.

    Google authenticator


  • After that, you will be logged in to the WordPress.

    WordPress Dashboard


Installation of Theme My Login Plugin:

  • Open the WordPress Dashboard, go to Plugins and click on Add New

    Theme my login


  • Search the Plugin name here and Install the plugin by clicking on Install Now.

    Login form


  • Now, Click on Activate.

    Two-facctor


  • Now open Theme My Login plugin from wordpress left section dashboard.

    Theme my login plugin


  • Scroll down and copy the Login URL.

    Login form


  • Now open this link in a private window.