Hugh's Views & News

WordPress & Blogging tips, flash fiction, photography and lots more!

Blogging, Blogging Tips

Is Your Blog Safe? One Security Feature You Must Have

Published by

Hugh W. Roberts

Jan 15, 2024

You wouldn’t leave your doors unlocked if you were the last one to leave the house, would you?

Would you give a stranger the password to your online banking account?

Would you share or give a stranger the password to your blog?

Protecting your blog is just as important as protecting your home and online bank accounts, yet many bloggers share personal details about themselves on their blogs and on social media, which can be a treasure trove for scammers. Be careful what information you share.

Before sharing any information, ask yourself, ‘Would I share this information with a complete stranger?’

Light blue image with the words 'Is Your Blog Safe? One Security Feature You Must Have' in white text. — Adding this feature will give your blog an extra layer of security.

Although we’re all encouraged to use a strong password to protect our blogs, did you know that many blogging platforms, including WordPress, offer users an extra layer of security when it comes to protecting their blogs?

Two-factor authentication adds an extra layer of security by requiring you to enter a code or use another device in addition to your password. For example, you can use an app like Microsoft Authenticator or Google Authenticator to generate access codes for your blog.

WordPress offers users two-factor authentication security. Follow the guide below to set it up for your WordPress blog. For this example, I’m using an Apple iMac desktop computer.

How to set up two-step authentication for your WordPress blog.

In the top right of your blog, click on your profile picture/avatar.

Click on ‘Security‘ in the menu on the page’s left side.

Image highlighting the 'Security' tab on a WordPress blog. — Click on the ‘Security’ tab.

Select the ‘Two-step Authentication‘ option.

Image highlight the Two-Step Authentication tab on a WordPress blog. — Select Two-Step Authentication

Select which method you would like to receive the two-step passcode generated by WordPress, and click the ‘Get Started‘ button.

Image highlighting the 'Get Started' button when setting up Two-Step Authentication on WordPress. — Click the ‘Get Started’ button.

Follow the onscreen instructions depending on your selected method to receive the WordPress two-step authentication passcode.

Once enabled, logging into WordPress.com will require you to enter a unique passcode generated by an app on your mobile device or sent via text after adding your username and password.

You will receive an email from WordPress confirming that two-step authentication has been enabled.

Image showing an email confirmation from WordPress confirming that two-step authentication has been set up. — You’ll get an email from WordPress confirming that two-step authentication has been set up for your blog.

That’s it! Access to your blog is now protected by an extra layer of security.

I’d recommend adding or checking that the recovery email address and recovery SMS number for your WordPress blog/account are also correct when switching on two-step authentication.

Are you making the most of Two-Step Authentication to safeguard your blog? Need guidance on setting it up? Share your best practices for securing your blog in the comments below.

Did you miss my post giving details of what plans I have for my blog in 2024? Check out my post, ‘2024: Exciting And Positive Things Happening On Hugh’s Views And News‘, for complete details.

Follow Hugh on social media. Click the buttons below.

Layout, content, settings, and format might differ on self-hosted blogs.

Discover more from Hugh’s Views & News

Subscribe to get the latest posts sent to your email.

63 responses to “Is Your Blog Safe? One Security Feature You Must Have”

Liesbet @ Roaming About

Jan 17, 2024

Thanks for the tip, Hugh. I’ll have to figure out how to activate the two-step authentication function on my self-hosted blog, as my avatar on the right top corner in my dashboard doesn’t give me a “security” option.

Reply
1. Hugh W. Roberts
  
  Jan 18, 2024
  
  I hope you find where the security option is, Liesbet. Two-step authentication certainly helps give me a little more piece of mind.
  
  Reply
Eugi

Jan 16, 2024

Thank you, Hugh, for this excellent advice. We must be vigilant about being safe online and not have the attitude, that it will never happen to us.

Reply
1. Hugh W. Roberts
  
  Jan 17, 2024
  
  I completely agree, Eugi. It always annoys me when people say ‘ it’ll never happen to me.’
  
  Reply
  1. Eugi
    
    Jan 18, 2024
    
    Me too, Hugh, and words they will regret.
    
    Reply
Terri Webster Schrandt

Jan 16, 2024

Great advice, Hugh! I see the prompt for it occasionally and really should take this step, given that my blog FB page was hacked in 2022. Thanks for the reminder!

Reply
1. Hugh W. Roberts
  
  Jan 16, 2024
  
  That’s a good enough reason to set it up, Terri. I think I set two-step authentication for my blog up many years ago when my Facebook account was also hacked. That’s one social media site I do not miss.
  
  Reply
James L

Jan 15, 2024

Thanks Hugh for spreading the word about 2 Factor Authentication, I can see a lot of people commenting on the post saying they’re setting up which is good to see, as this extra security key will go a long way to protecting identify.

I used 2 factor on as many accounts that allow it, and it does work as an extra failsafe if you tend to use the same password on different sites, and one of those places suffer a data breach. People will malicious intentions will then try that password on any other accounts they know you own (which is easier than ever due to sharing on social media.

It might be annoying having that extra step to authentic – I once accidently left my phone in the car, so couldn’t get on a site I regularly because of 2FA being enabled, but it shows how effective it works if your password falls into the wrong hands!

Also hope you don’t mind me sharing this link (please edit out if not), but your readers checking through the comments might be interested in the website https://haveibeenpwned.com/ which reveals which sites have had user details leaked, you just put in the web domains where you have accounts, it tells you if a site has been hacked (and when), you can then update your passwords for the site, and all other sites you use which share the same password!

Reply
1. Hugh W. Roberts
  
  Jan 16, 2024
  
  Thanks for the information, James. I use Chrome and it has a similar feature that tells me which sites have had a data breach. My Apple devices also tell me of any ‘insecure passwords’ including weak passwords.
  
  I know that changing passwords can be a hassle, but I tend to change mine at least once a year and do not use the same ones. I also use a password manager which helps when I forget passwords (it happens).
  
  Your story about leaving your phone in the car and not being able to access a site is prove indeed on why everybody should consider two-step authentication. Yes, it can be a pain, but that extra layer of security works.
  
  Reply
  1. James L
    
    Jan 18, 2024
    
    In an old IT job we had people complain about the enforcement of two factor authentication, but those who let their company email account fall into the wrong hands, had bruised egos and were more compromising!
    
    Reply
JT Twissel

Jan 15, 2024

For some reason it’s already set up on my blog – I don’t recall doing anything! But it’s nice to know how to reset it should anything happen. Thx!

Reply
1. Hugh W. Roberts
  
  Jan 16, 2024
  
  You may have set it up many years ago as it’s been available to do for sometime. But good to know it’s all set up and working.
  
  Reply
Erika

Jan 15, 2024

Once again, you made me ponder. I have not thought of going more secure with my blog. Now, seeing the options is a great support. Thank you, Hugh!

Reply
1. Hugh W. Roberts
  
  Jan 16, 2024
  
  Good to hear, Erika. We have to do all we can to protect blogs and ourselves when online.
  
  Reply
  1. Erika
    
    Jan 16, 2024
    
    You are so right!
    
    Reply
seaangel4444

Jan 15, 2024

Thank you so much for this excellent advice, Hugh! I’m setting it up immediately! Cher xoxoxo

Reply
1. Hugh W. Roberts
  
  Jan 15, 2024
  
  Great. Let me know if you run into any problems when setting it up, Cher.
  
  Reply
  1. seaangel4444
    
    Jan 15, 2024
    
    I appreciate it, Hugh. Thank you! Because of your excellent instructions, I think I was able to set it up correctly. I also found several things that I did not have in place, so that prompted me to take a look at those as well (backup email address, verifying such, etc.)
    
    Thank you, Hugh! Cher xoxoxo
    
    Reply
    1. Hugh W. Roberts
      
      Jan 16, 2024
      
      You’re welcome. Good to hear you checked all those other details and updated them, Cher.
      
      Reply
      1. seaangel4444
        
        Jan 17, 2024
        
        Thank you, Hugh! I really appreciate it! Cher xoxoxo
        
        Reply
Author Jan Sikes

Jan 15, 2024

Fantastic advice, Hugh. I’m off to set it up!

Reply
1. Hugh W. Roberts
  
  Jan 15, 2024
  
  If you run into any problems setting it up, feel free to ask questions, Jan.
  
  Reply
beth

Jan 15, 2024

good to know!

Reply
Cathy

Jan 15, 2024

Certainly makes sense, Hugh.

Reply
1. Hugh W. Roberts
  
  Jan 15, 2024
  
  And gives so much piece of mind knowing you have that extra layer of security on your blog, Cathy.
  
  Reply
  1. Cathy
    
    Jan 15, 2024
    
    Absolutely.
    
    Reply
Dan Antion

Jan 15, 2024

When I was working in support of technology, we required 2FA for everything that supported it. This is very good advice.

Reply
1. Hugh W. Roberts
  
  Jan 15, 2024
  
  I use it for everything online, Dan. Adding that extra piece of security always gives me extra piece of mind.
  
  Reply
  1. Dan Antion
    
    Jan 15, 2024
    
    My only concern, and it’s a minor one these days, is when I’m flying. I’ve had problems logging into services on my iPad, because I can’t get the authentication code on my phone. Then again, in most cases, whatever it is I have to do can wait a few hours. Some services we used allowed you to switch to an email code for things like that, but not all.
    
    Reply
    1. Hugh W. Roberts
      
      Jan 15, 2024
      
      That’s true, Dan. I’ve now set it up so that the notification comes to my Apple Watch. And as I do not fly anymore, there is usually wifi on trains and buses, so no problem for me. However, I tend to enjoy watching the world go by when travelling.
      
      Reply
      1. Dan Antion
        
        Jan 15, 2024
        
        Me, too. Now that I’m only flying for personal reasons (and only once or twice a year) it’s not an issue.
        
        Reply
philosophy through photography

Jan 15, 2024

Very much informative Hugh.
The problem is people are too lazy to opt for 2f authentication.
As for the DOB, year etc one need not be Frank on online matters especially social media platforms.
Thank you

Reply
1. Hugh W. Roberts
  
  Jan 15, 2024
  
  Laziness doesn’t get anyone anywhere, and I’d have thought that everyone who goes online would want to protect themselves. I guess ‘it’ll never happen to me’ also plays a big part.
  
  I’m shocked by how much personal information bloggers and those on social media give out online. I always ask myself ‘would I give this information to a complete stranger?’ before putting anything online.
  
  Reply
  1. philosophy through photography
    
    Jan 15, 2024
    
    Agree about giving strangers personal details believing them unconditionally.
    As you have rightly suggested, one must opt for 2F authentication without delay wherever there is a provision.
    
    Reply
willowdot21

Jan 15, 2024

Thank you Hugh that’s great advice 💜💜

Reply
1. Hugh W. Roberts
  
  Jan 15, 2024
  
  I’d recommend every blogger using two-step-authentication for their blog, Willow. That extra layer of security give more piece of mind.
  
  Reply
  1. willowdot21
    
    Jan 15, 2024
    
    Thank you Hugh 🙂
    
    Reply
JenT

Jan 15, 2024

So easy to do and well explained. Thank you, Hugh. I can’t emphasize enough that part about printing out your 2FA backup codes and keeping them in a safe place! They’re also useful should you ever need to recover your WordPress.com account.

Reply
1. Hugh W. Roberts
  
  Jan 15, 2024
  
  Yes, those backup codes are so important, Jen. I have mine safely stored, and I know where I can access them should the need a rise. Hopefully not.
  
  Reply
Brenda

Jan 15, 2024

This is something I was looking at just yesterday.
Also, we must be on the same wavelength as I’ve been writing a post along similar lines … being safe online

Reply
1. Hugh W. Roberts
  
  Jan 15, 2024
  
  Good to hear you’re writing that post, Brenda. I’m often astonished at how much personal information people give out online – the main one being their date of birth when giving their age and announcing their birthday. Put that together with their real name and where they live, and a scammer has some free personal information to get scamming or stealing an identity. I think the biggest problem are those who think it’ll never happen to them.
  
  I look forward to reading your post.
  
  Reply
  1. Brenda
    
    Jan 15, 2024
    
    Thanks Hugh. I agree. I’ve seen people posting name, address, telephone number and, as you say DoB. Crazy, you wouldn’t do it anywhere else
    
    Reply

I’m Hugh

Welcome to my blog. I’m delighted to have you here. This is the place to discover tips on blogging and WordPress, flash fiction, photography, and more. I enjoy engaging with my readers, so please feel free to explore, join discussions, and contact me. I’m happy to assist! Find out more about me and my blog by clicking the ‘Meet Hugh’ button.

Let’s connect

Latest posts

Subscribe to Hugh’s Views And News

Latest Posts

You’re Not Stuck: The Surprising Power Of Finally Changing Your Blog Theme
Is your blog looking like it’s stuck in the 20th century? Are you spending more time neglecting it than looking after it? This post explores how fear can quietly keep us “busy but stuck” — and how small, imperfect changes can move you forward again. Are you going to remain stuck in the 20th century or join the majority of bloggers in the 21st century?
From Box Cameras to iPhone Cameras: Why Photography Plays an Important Part in Blogging
From box cameras to iPhone cameras, discover how old family photos continue to shape our memories, stories, and identities in today’s digital blogging world.
How I Finally Switched My Blog to a Block Theme – Challenges, Wins, and Must-Know Tips for WordPress Bloggers
After ten years of hesitation, I finally switched my blog to a block theme. Here’s what went wrong, what surprised me, and the tips I wish I’d known.
Why Now Is The Time To Pull Up My ‘Big Boy’ Trousers’ About My Blog
Tired of putting things off until tomorrow? Join me on my journey of transformation as I finally take the plunge on an important change for my blog. Discover how overcoming the ‘What if?’ moments have opened up a world of possibilities and excitement. Ready to see what’s next?
Stay Updated: Follow Me on Mastodon and the Fediverse
Follow this blog on Mastodon or the Fediverse to receive updates directly in your feed.
Unveiling ‘Story Chat Digest: Where Stories Meet’ – A Journey Through Fiction, Community, and Creativity!
Discover the magic of storytelling at its best! I invite you to delve into a world created by diverse voices from around the globe. Curious to discover what happens when a television connects with the past and the future? Read on to uncover the stories and inspiration behind this engaging new collection!

Looking for your next quick read? Try my books

An image of book covers, book, tablet and mobile phone, for the book Glimpses.

An image for the book More Glimpses - showing a book cover, tablet and mobile phone.

Follow Hugh in the Fediverse

Hugh's Views & News

@hughsviewsandnews.com@hughsviewsandnews.com

WordPress & Blogging tips, flash fiction, photography and lots more!

301 posts

6 followers

A widget with the words 'Team Effort - Story Chat Digest - Where Authors Meet - Author'

Thank you to all my visitors

471,728 hits

254,633 visitors

Most Viewed Posts & Pages Over The Last 24 Hours

You're Not Stuck: The Surprising Power Of Finally Changing Your Blog ThemeApr 20, 2026Hugh W. Roberts

The BattleFeb 14, 2019Hugh W. Roberts

79 Ways To Kill Your BlogAug 22, 2022Hugh W. Roberts

From Box Cameras to iPhone Cameras: Why Photography Plays an Important Part in BloggingApr 13, 2026Hugh W. Roberts

Flash Fiction Friday – Natural WaysFeb 10, 2023Hugh W. Roberts

Copyright Protected Blog

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

This work by Hugh W. Roberts, and/or Hugh’s Views And News blog, is licensed under a Creative Commons Attribution-Noncommercial-NoDerivatives 4.0 International License. Unauthorised use and/or duplication of this material (text and images) without express and written permission from this blog’s author and/or owner is strictly prohibited. If you want to use posts, excerpts, photos and links, you may contact me first. You must give full and clear credit to Hugh W. Roberts and Hugh’s Views And News dot com with links to the original content.

Hugh's Views & News

WordPress & Blogging tips, flash fiction, photography and lots more!

Is Your Blog Safe? One Security Feature You Must Have