Two-step authentication is an added level of security you can set up to keep your WordPress.com account safe. In this guide you will learn how to enable two-step authentication for your account.

Two-step authentication is a method that enhances the security of your online accounts. It requires you to know something (your password) and to possess something (your mobile device or a physical security key) to log in. This approach ensures that even if someone discovers your password, they cannot access your account without also having access to your mobile device or physical security key.

Using two-step authentication significantly increases your account’s security. Once you set it up, WordPress.com will send a new code to your device each time you log in with your password. You must input this code before gaining access to your account. This additional step in the login process helps protect your account from unauthorized access.

Follow these steps to enable two-step authentication on your WordPress.com account:

1. Log into WordPress.com and hover over your profile icon in the top-right of your dashboard.
2. Click the “My WordPress.com Account” button to visit your account profile.
3. On the left side, select the Security menu option.

3. Click Two-Step Authentication, where you can choose between “Set up using an app” and “Set up using SMS.”
4. Click the option you want to set up.

If you set up two-step authentication using an app, you will use an authenticator app on your phone to get a code to log in to your WordPress.com account.

1. Download an authenticator application to your phone. Common options include Google Authenticator and Authy.
2. In Security → Two-Step Authentication in your WordPress.com account, click “Set up using an app”.
3. Scan the QR code with your authenticator app, or enter the one-time code in your app.

4. A six-digit number code will appear in your authenticator app. Type the code in the field provided on the two-step authentication screen.
5. Click the Enable button.
6. Next, you’ll be prompted to print backup codes. Don’t skip this step; it’ll be your only way to log back into your account without staff assistance if you lose your device!

6. Click the “All Finished” button.

At this point, your account is enabled for two-step authentication.

If you set up two-step authentication using SMS codes, you will receive a text message on your phone with a code to log in to your WordPress.com account.

1. In Security → Two-Step Authentication in your WordPress.com account, click “Set up using SMS”.
2. Enter your phone number (including the country code) and click Continue.
3. Wait a few moments to receive a text message with a 7-digit number.
4. Enter this number in the box provided on the two-step authentication page.

5. Click the Enable button.
6. Next, you’ll be prompted to print backup codes. Don’t skip this step; it’ll be your only way to log back into your account without staff assistance if you lose your device!
7. Click the “All Finished” button.