Search for blog posts, documentation, or pages

Today we’re excited to announce the integration of our two-factor authentication with the WordPress platform. Now your WordPress-powered website or blog can be protected with the same strong and user-friendly two-factor authentication that protects your traditional remote access with just a few clicks.

WordPress isn’t just for small personal blogs anymore: over 14% of the top million biggest websites are powered by WordPress. Its popularity has made it a juicy target for attackers, who often phish, sniff, or bruteforce WordPress account credentials in order to slip malicious exploits into popular websites to compromise the visitors of those sites.

By installing the Duo WordPress plugin, you can add a second line of defense to your WordPress login credentials - your mobile phone! You will be able to log in to WordPress with confidence that your account is secure.

Duo WordPress Walkthrough

Getting Duo’s two-factor authentication integrated with your WordPress blog is a snap and only takes a few minutes!

1. Sign up for a Duo account

If you don’t yet have a Duo account, head over to http://www.duosecurity.com and sign up for free!

2. Add a new integration

Log in to the Duo administrative interface and add a new Web SDK integration for your WordPress blog:

After adding the integration, make note of the integration key and the secret key as you will need these keys when configuring the Duo WordPress plugin. Also, select the “WordPress” visual style and click “Save Changes”.

3. Install and configure the Duo WordPress plugin

Log in to your WordPress blog as an administrator. Navigate to “Plugins > Add New”, search for “Duo Security”, and click “Install Now” to install the Duo WordPress plugin:

Next, click “Activate” to activate the plugin:

Lastly, click “Settings” to configure the plugin. Enter the integration key and secret key that you obtained from the Duo administrative interface and save the changes:

That’s it!

The first time a user logs in, they will be able to self-enroll their mobile phone to use as their second factor of authentication. Upon subsequent logins, they will be challenged to authenticate using their mobile phone:

Duo is the best-of-breed for strong two-factor authentication, supporting Duo Push, phone callback, or one-time passcodes generated via the Duo Mobile app or delivered via SMS. The best part is that Duo is completely free for under 10 users (or unlimited users for open source projects) and only $3/user/month beyond 10 users.

Beyond WordPress

If you’re a fan of our WordPress integration and want similar protection for your own web application, be sure to check out our web SDKs that make it simple to add Duo two-factor authentication to any Python, Ruby, PHP, Java, ASP.NET, or Classic ASP web application. The source code for the duo_wordpress plugin is also available in our GitHub repository and provides a great example of how easy it is to use the web SDK.

Keep an eye out for additional web integrations in the near future. If you have any particular web apps or frameworks you’d like to see Duo integrated with, just leave us a comment below!

Categories

Free Guide

Two-Factor Authentication Evaluation Guide

This guide walks through some of the key areas of differentiation between two-factor authentication solutions and provides some concrete criteria for evaluating technologies and vendors.

Tags

phishing (18)  security news (17)  two-factor-authentication (15)  healthcare security (14)  passwords (14)  weekly ink (13)  cloud security (9)  infosec-evolution (9)  malware (9)  rsac2015 (8)  federal cybersecurity (8)  retail data breaches (7)  duo mobile (7)  banking security (7)  ooba (6)  pci dss (6)  2fa (6)  financial institutions (6)  stolen-passwords (6)  financial data breach (6)  encryption (5)  stolen credentials (5)  webinar (5)  transaction-level 2fa (5)  atms (5)  data breaches (5)  healthit (4)  mobile security (4)  hipaa (4)  third-party security (4)  data breach notification (4)  medical identity theft (4)  healthcare cybersecurity (4)  remote access security (4)  pos malware (4)  vulnerability (4)  bank security (4)  retail (4)  retail data security (4)  uk security (3)  iot security (3)  health it (3)  anthem (3)  rig exploit kit (3)  strong-authentication (3)  platform edition (3)  defense in depth (3)  otp bypass (3)  payment card breach (3)  media security (3)  law firm security (3)  ffiec (3)  twitter (3)  remote access attacks (3)  retail data risks (3)  ssl (3)  critical infrastructure security (3)  manufacturing security (3)  two-factor (3)  security threats (3)  dyre trojan (3)  target (3)  home depot (3)  higher education (3)  retail ebook (3)  e-prescriptions (3)  hipaa security rule (3)  google (3) 

Duo is hiring!

View our open positions

Subscribe to our Newsletter

Get product updates, interesting content, and invitations to online and live events.