How to Use Jetpack’s Two-Factor Authentication in WordPress

Date: 08/09/2019       2:24 Minutes to Read
In this article:

The use of Jetpack’s Two-Factor Authentication (2FA) requires that each user have a WordPress.com account.  It allows users to have a single log-in to multiple WordPress accounts that can be accessed through WordPress.com. WordPress users can quickly create a WordPress.com account at no cost. The main advantage of using Jetpack’s Two-Factor Authentication will be the ability for the user to quickly switch between multiple accounts using the WordPress.com interface. The login screen for standalone WordPress installations will still have the option to select to log in directly using the WordPress user and password.  You can see this in the screenshot below.

In order to further protect the logins for users using WordPress.com, 2FA can be activated using the Jetpack plugin. The use of 2FA also requires the use of a remote device – typically a smartphone. When you use 2FA, it provides extra protection by requiring the entry of a second code provided through an SMS message or Authentication application. For this tutorial, we will be using the SMS message method to authenticate. This method uses a text message sent through SMS to provide the authentication code.

Are you looking for a fast, secure host for your new WordPress site? Check out InMotion’s optimized WordPress Hosting solutions!

How to Enable Two-Factor Authentication in the Jetpack plugin for WordPress

Two-factor authentication through Jetpack affects registered users within your WordPress site. Once you enable it, your users will need to work through setting it up for their account. Be aware that the journey for setting up an Administrator user is different from the other user roles in WordPress. We will first show you how to enable it in the Jetpack settings and then show you the steps for users to set up their Jetpack logins.

  1. Log in to the WordPress Administrator.
  2. Click on Jetpack in the menu that you see on the left of the screen.
  3. Click on Settings under Jetpack.
  4. Click on Security if it’s not already selected when you get to the Settings screen. It will be the first option in the menu at the top of the page.
  5. Scroll to the bottom of the page and click on the options under WordPress.com login. There is one main option: Allow users to log in to this site using WordPress.com accounts. Then, there are two other sliders underneath this option: 1) Match accounts using email addresses and 2) Require accounts use WordPress.com Two-Step Authentication. If you select the first slider, then user names will be matched against the associated email address before the login will be permitted.
Enable 2-step authentication

Once you apply the settings, each user will still need to go through the process of enabling their account to use 2FA. The next section will provide a video that you can share with your users for instructional purposes.

How WordPress Users Configure Jetpack Two-Step Authentication

Jetpack allows WordPress users to log in to a WordPress.com account and then access their WordPress sites. When two-step authentication is activated, then users will need to log into WordPress.com and configure the devices used for authentication. Use the video below to guide users through the process.

Video for WordPress to configure 2-step authentication used by Jetpack.

Congratulations! You now know how to activate and configure accounts to use Jetpack 2-step authentication. To learn more about using Jetpack, please see Social Media Sharing with Jetpack.

Leave a Reply