We highly recommend that all Administrators, Editors or Authors on your CloudCanvas site have two-factor authentication activated for their user account. Two-factor authentication can be activated on your CloudCanvas site on a per user basis and once activated for a user on one site they will have to use two-factor authentication when logging into the site.
It’s recommended that Administrators, Editors and Authors have two-factor authentication because should one of these users account get compromised then the attacker could potentially delete and change all your content.
What is Two Factor Authentication?
“Two-Factor” authentication is the second stage of a login process, this is usually a code on a mobile device that needs to be entered after logging in using your credentials. This second step makes it incredibly hard for any hacker using a brute force to gain access to your site, it also protects you should someone get access to your password. You can get a longer answer from Wikipedia.
Read this article to see the devastation caused by a hacking of one account, all could have been prevented with two-factor authentication activated.
How to activate Two-Factor Authentication in WordPress?
CloudCanvas comes with two-factor authentication built in and it can simply be activated from your user profile settings. You will need to download Google Authenticator or Authy on your smartphone before continuing with the following steps.
- Open the menu on your admin and Hover over your user icon in the top right corner of the dashboard, scroll down to the ‘Google Authenticator’ section.
- Open the Google Authenticator App on your phone and scan the barcode on the screen.
- Enter the code generated in the field ‘Google Authenticator Code’ and then save your profile settings.
- Enable Two-Factor Authentication and Save Changes
Once you have completed the above steps you will now need to have your phone to hand ready to enter the 2nd stage password that is generated when you log in.
What happens if you lose your phone?
Don’t panic, contact our support team and we will disable Two Factor Authentication on your account. You can reactivate again anytime.