Why Clef is the Secret Ingredient to WordPress Security
Many of us use WordPress as our blogging platform and love it. You can create a beautiful site in minutes with no coding experience. WordPress's plugins add another level of functionality that can extend your site and make it feel like a Fortune 500 site. People sometimes ask me “Who is the team behind your blog”.
Popularity does bring with it attention, and sometimes unwanted attention. WordPress's sites do get compromised, and no one want’s to spend time on the phone with support trying to get their site back online. I’ve had to rebuild a site or two myself, and it’s not fun.
Online Attacks are Growing
Attacks can come from everywhere, a compromised WordPress plugin, or one of the more common attacks – The brute-Force attack. A tool that I came across recently that, I feel, will reduce your attack surface is Clef – It is a secure two-factor authentication tool with no passwords or tokens, and they claim it’s from the future. At times, it does feel like it’s from the future. It’s not limited to only Brute-Force, check out the diagram below, it covers a wide range of attacks. Two-factor authentication can reduce online identity theft, phishing expeditions, and other activities because you need more than just the target’s password to gain information. Notice how I said “reduce” and not “eliminate” – I never want to give a false impression that any tool will remove the threat.
Easy Two-factor authentication with Clef
How does Clef work – once installed on your WordPress site and with the app installed on your phone, you then sync them together – super easy. The next time you are ready to log into your WordPress site, you load the app, swipe your phone and bingo, you are connected – it’s like magic.
It’s cool to watch in action, and I think this video does an excellent job of showcasing how it works. Take 1 minute to watch this video and see how easy it is to use.
Of course, this is not the only security tool I would use, but it’s one to consider getting started with first. It’s easy to install, and we always have our phones with us. You can always show your colleagues and friends technology that is from the “future”, just by waving your phone in front of your computer screen, pretty cool.
Have any other WordPress security tools you use? Please let me know on Twitter and let’s keep WordPress and our sites as secure as possible.