WordPress, Joomla and Drupal users recently received some disappointing news as one of the most popular two-factor authentication solutions, Clef, announced that they are shutting down their operations on June 6, 2017.
What Is Two-Factor Authentication?
Two-factor authentication offers an extra layer of security in addition to the traditional username and password method of logging into an account. This makes it more difficult for hackers to gain unauthorized access to user accounts. You’ve likely used two-factor authentication and may not even have realized it. Anytime you are required to enter a pin or answer a security question (like your mother’s maiden name) when logging into an account, you are using a form of two-factor authentication.
Many solutions will send a one-time passcode to the user’s smartphone that is required to log into the account. This means that even if a hacker is able to crack the username and password, they will be unable to log into the account without access to the user’s smartphone.
In recent years, solutions like Clef have taken two-factor authentication security measures to another level. Clef was particularly popular because all you needed to do to log into your site was open the Clef mobile app and use your phones camera to sync up with the Clef Wave animation found on your computer.
Even though Clef was a popular two-factor solution, particularly for WordPress, there are plenty of alternatives to consider.
Setting up Duo two-factor authentication for your site only takes only a few minutes to. All you need to do is sign up for the Duo service and install the plugin on your site. Duo offers both one-tap authentication through the use of Duo’s mobile app as well as one-time passcodes.
Authy is designed to make security especially easy, even for users who are running their first WordPress site. They know that security shouldn’t be painful. Authy provides you with a security token through text messaging or by a phone call. Use this code, in addition to your username and password, to log into your account.
miniOrange may be one of the more flexible two-factor security solutions available. It supports one-time SMS passcodes, push notifications and mobile authentication. miniOrange offers a free plan as well as more advanced plans with additional features and support.
Rublon is a popular solution thanks in part to offering authentication via email, in addition to the traditional phone option. Just scan the Rublon code generated on your login screen with your phone to confirm your identity and access your account. Add Rublon to your site with ease with it’s 1-click download and 1-click activation.
How Safe Is Two-Factor Authentication?
You may have read about a few documented incidents where an SMS code can be intercepted. In reality, two-factor makes site attackers lives extremely difficult because they need to intercept your SMS code in addition to your username and password. That’s no easy task, nor should it be.
You’re welcome to view two-factor authentication as another layer of security. You can lump it in with important protocols like setting secure passwords as well as keeping both your site software and plugins up to date.
The Bottom Line
There will undoubtedly be new WordPress two-factor authentication options that will hit the market with the void left by Clef. The good news is that there are plenty of quality options available for your site.
While you may not like the first option or two as you try them, you’re bound to find one that works well for you. Remember, when you want a site that comes pre-configured with the best security settings, choose A2 Hosting and our A2 Optimized WordPress setup.
Do you have a favorite two-factor authentication solution? Is there one we didn’t mention? We’d love to hear about it and for you to share it within the A2 Hosting community in the comments below!