Enable Wordfence 2 Factor Authentication
Enabling 2 Factor Authentication In WordPress
This is a quick guide to enable 2 factor authentication (2FA) in WordPress using Wordfence Security.
To improve login security from hackers or other automatic bot login attack, you should enable 2 Factor Authentication in WordPress.
If you have previously installed Wordfence Security (one of the WordPress plugin for security and firewall) and completed the Wordfence setup, you can activate the 2-factor authentication for login which is a built-in feature in the Wordfence Security plugin.
- Download and Install the Authenticator App
- Enable Wordfence 2 Factor Authentication
- Login to WordPress
- Time-based One Time Password (TOTP) Apps for Wordfence 2FA

Download and Install the Authenticator App
Download and install this 2-factor Authentication app called Authenticator onto your phone.
The screenshot shows the iPhone version of Authenticator in Apple Store. If you are using an Android mobile phone, you will need to download and install a similar app.
Enable Wordfence 2 Factor Authentication
Log in to your WordPress website the usual way.
Assume you have already installed Wordfence.
Select Wordfence on the left side main navigation, and click Login Security (from the drop-down menu).
Under the Two-Factor Authentication tab of Wordfence, you will see a QR Code.
Open your Authenticator app.
Click the + button (to add a new WP site).
Scan the QR code with the Authenticator app.
You will get a 6-digit 2FA code from the Authenticator app.
Enter this 6-digit code into Wordfence.
Click the Activate button.
Login to WordPress
Next time when you log in to your WordPress site, you will enter your username and password (as usual).
You will then be prompted to enter the 2FA code.
Now open the Authenticator app. Get your new 6-digit code (or 2FA code).
Each time you open the Authenticator app, it generates a new 6-digit code.
Enter this 6-digit code in the 2FA field.
Now you should have logged in to your WordPress site successfully.
Time-based One Time Password (TOTP) Apps for Wordfence 2FA
Time-based One Time Password (TOTP) apps that can be used with Wordfence Security 2FA include:
- Google Authenticator
- Sophos Mobile Security
- FreeOTP Authenticator
- 1Password
- LastPass Authenticator
- Microsoft Authenticator
- Authy 2-Factor Authentication
- Any other authenticator app that supports Time-based One-Time Passwords (TOTP)