The Spectrum Group Online

Where Visibility and Transparency Connect

Contact Us
(408) 675-0330 pst
Home > Web Design & Development > New WordPress Security Feature

New WordPress Security Feature

by Leave a Comment

wordpress security needs to be Up-Tight

Over the last several months, some former Eastern Block hackers have been systematically trying to breach our WordPress security. That’s nothing new, but it’s the sheer volume of the attempts that really got our attention (11,000+ tries over one weekend). Since WordPress is open source, perhaps it’s a bit like waving a red flag in front of a bull.

Click for a free 30-minute consultation »

As my clients know, I’m a stickler for security. Maybe even a bit paranoid. Recently WordPress announced greater security with Two Step Authentication for those who use WordPress.com to host their blog or website. Here’s how it works:

They’ve Got Your Number

When logging into WordPress, you’ll be prompted to enter a secret number. In order to receive that secret number, you first must download the Google Authenticator App on your smartphone. The app supports Androids, iPhones and Blackberry. It generates a new number every 30 seconds, so it’s virtually impossible to guess. No smartphone? Instead it will send you the number via SMS.

WordPress Security Backup Codes

enter-your-passwordOnce you’ve enabled the Two Step Authentication on your account, they also recommend printing some backup codes just in case. Obviously you’d keep these codes in a very safe place in case your phone is lost or stolen. You can print these codes from WordPress.com’s security tab.

Not For Self-Directed WordPress Installations

If you have configured your WordPress website via WordPress.org, then you’ve got other avenues to keep your site secure. Besides implementing some non-standard configurations when installing WordPress, there are several WordPress security plugins I highly recommend. If you have users that use less-than-secure passwords like “letmein,” then we suggest implementing a plugin like Force Strong Passwords. What’s a insecure password? Check out this lame-brain list of Top 25 Worst Passwords of 2012.

How can we help?

Struggling to keep your WordPress installation up to date? Need help in implementing website security best practices?

We are the spectrum group online, and we offer strategic and tactical consulting so you can monetize your online presence. Call us for a complimentary 30-minute consultation to discuss your website’s user experience and translate that into sales.

Contact Us Today »

Related posts:

  1. Brute Force Attacks on WordPress Security Plugin News If you’ve been reading this blog for a while, you know that I am particularly strict about WordPress security. Our own website has seen a dramatic increase...
  2. WordPress Security Best Practices Hardening Your WP Installation WordPress security has come a long way since its inception back in 2003. Built on a foundation that’s free and open source, it’s content management system structure...
  3. Website Security During The Holidays Let's face it. We're distracted during the holidays. As consumers, we are busy shopping, As business owners, we're busy with retail or online sales (hopefully) or we're in the midst...

Leave a Reply

Your email address will not be published. Required fields are marked *