Two-Factor Authentication

Update your settings to authenticate via
Cell Phone App or Email

What is Two-Factor Authentication?

“Two-factor authentication is an information security process in which two means of identification are combined to increase the probability that an entity, commonly a computer user, is the valid holder of that identity. 2FA requires the use of two reliable authentication factors:
• Something the user knows, e.g. an alphanumeric password
• Something the user knows and which they click, e.g. a graphical password (Vaidhyasubramaniam, Christy, & Saravanan, 2015, p. 2054)

NOTE: Two-Factor Authentication can be set to either Mobile App or Email. In order to use Two-Factor Authentication, you will need a mobile App to do it:
• For Android devices, the Authy, Google Authenticator, FreeOTP Authenticator, or Toopher apps are the most popular token generators.
• For iOS devices, the Authy, Google Authenticator, FreeOTP Authenticator, or Toopher apps are the most popular token generators. need to have installed either:

  1. To change and modify your Two-Factor Authentication, begin by logging into your class site hosted on WordPress.

    How To - 2 Factor Authentication Screenshot 1

    Generic WordPress Website Screenshot

  2. In the Top-Left corner of the screen, there is a key icon with the phrase “My Sites”, hover over this menu, a drop-down should appear and show you the name of the sites you are enrolled in that are hosted on WordPress. Hovering over the class that you need to make adjustments. This should create a side-pullout menu with new choices: Dashboard, New Post, Manage Comments, Visit Site. (Note: Options may vary based on the level of permissions you have with your class site). Select the option “Dashboard”.

    How To - 2 Factor Authentication Screenshot 2

    Generic WordPress Website Screenshot

  3. WordPress Dashboard gives access to a lot of settings that are relevant to the WordPress experience. The left side of the screen represents all the options available; choose the option “Users” and from the side-pullout menu chose “Edit Profile”.

    How To - 2 Factor Authentication Screenshot 3

    WordPress Dashboard Screenshot – Edit Profile

  4. The Edit Profile settings will automatically bring you into the “Extended Profile” Tab which allows you to adjust your Person Identifiable Information. 2FA settings; however, are under the tab Profile.

    How To - 2 Factor Authentication Screenshot 4

    WordPress Dashboard Screenshot – Profile

  5. Scroll down the page of options available to Profile.

    How To - 2 Factor Authentication Screenshot 5

    WordPress Dashboard Screenshot – Profile

  6. Three-quarters of the way down, are options that are relevant to 2FA. Shown below, settings are set to email. To adjust these settings to enable Mobile App Authentication, chose the button “View QR Code & Security Key”.
    NOTE: Two-Factor Authentication can be set to either Mobile App or Email. In order to use Two-Factor Authentication, you will need a mobile App to do it:
    • For Android devices, the Authy, Google Authenticator, FreeOTP Authenticator, or Toopher apps are the most popular token generators.
    • For iOS devices, the Authy, Google Authenticator, FreeOTP Authenticator, or Toopher apps are the most popular token generators. need to have installed either:

    How To - 2 Factor Authentication Screenshot 6

    WordPress Dashboard Screenshot – Two Factor Authentication Options

  7. Scan the QR code with your App to add and give you access. Make sure to select the option Enable (Recommended) and Make Primary (Recommended) to alert WordPress how you are enabling Two-Factor Authentication.

Using Google Authenticator

  1. Download, Install and Open Google Authenticator from the Google Play Store:

    How To - 2 Factor Authentication Screenshot 7

    Google Authenticator found on Google Play Store

  2. Press Begin

    How To - 2 Factor Authentication Screenshot 8

    Opening Screen when launched.

  3. Chose the option to Scan Barcode

    How To - 2 Factor Authentication Screenshot 9

    Add an Account Screen. Can be added by scanning a barcode/QR Code or entering a key

  4. If you haven’t already, make sure to give permission to Authenticator to gain access to your camera.

    How To - 2 Factor Authentication Screenshot 10

    When prompted, ALLOW Authenticator to take pictures and record video (So the app can work)

  5. Scan the QR Code shown on your WordPress screen.

    How To - 2 Factor Authentication Screenshot 11

    Screenshot of Barcode Scanner. Place the Barcode within Red Lines.

  6. This will auto-configure your Google Authenticator for your class.
  7. Google Authenticator will produce a six digit number. This number will regenerate a new value every 60 seconds.
  8. Enter the code and press Verify (Note: Do not hit Add within the App until verified)

    How To - 2 Factor Authentication Screenshot 12

    Scan the barcode with Authenticator, Wait for the Screen to show a class and the code. Enter the Authenticator Code into the Authenticator Field. Press Verify. Wait until the screen changes to success. Then press Add Account within Google Authenticator.

  9. Once you get a confirmation that says “Successful” press add within your App.

10. Make sure to update your profile to complete the change

How To - 2 Factor Authentication Screenshot 15

Set Mobile app to Enabled and as Primary, then remember to Update Profile.

10. Going forward, anytime you log into your WordPress hosted class, after using your username/password to sign in, you will need to supply an authentication code which is accessed through your mobile device authentication App.

How To - 2 Factor Authentication Screenshot 16

Authentication via Mobile Authentication App

11. Alternately, Email authentication can also be enabled by selecting Enable. This will default to the email address associated with your login information:

How To - 2 Factor Authentication Screenshot 17

Setting Two-Factor Authentication to use Email instead of Authenticator App

12. When logging in, you will be sent an email From “WordPress <wordpress!@infocom.hyperlib.sjsu>” with a Subject Line of “[infocom.hyperlib.sjsu.edu] Login Authentication Code”

How To - 2 Factor Authentication Screenshot 18

Setting Two-Factor Authentication to use Email: Screenshot of Authenticator Email Body.

 

References

Vaidhyasubramaniam, S., Christy, A., & Saravanan, D. (2015). Two Factor Authentications for Secured Login in Support of Effective Information Preservation and Network Security. ARPN Journal of Engineering and Applied Sciences, 2053-2056.