Why Enable 2FA?
Two-factor authentication means even if someone knows your password, they cannot log in without the one-time code from your phone. It prevents the majority of account takeover attacks.
Enabling 2FA on Your webzworld Client Portal
1. Log in to your webzworld client portal
2. Go to Security → Two-Factor Authentication
3. Scan the QR code with Google Authenticator, Authy, or Microsoft Authenticator
4. Enter the 6-digit code to confirm setup
5. Save your backup codes in a secure place
Enabling 2FA on WordPress
Install the miniOrange 2FA plugin or Google Authenticator plugin:
1. Install and activate the plugin
2. Go to the plugin settings
3. Scan the QR code with your authenticator app
4. Enable 2FA for admin accounts
Recommended Authenticator Apps
- Google Authenticator (iOS / Android)
- Authy (iOS / Android / Desktop) — recommended, supports backup
- Microsoft Authenticator (iOS / Android)
I Lost Access to My 2FA Device
If you lose access to your authenticator:
1. Use your backup codes (saved during setup)
2. If no backup codes, contact webzworld support with ID verification
2FA for SSH Access (VPS)
Secure your VPS root login with Google Authenticator:
sudo apt install libpam-google-authenticator
google-authenticator
Follow the prompts and add "auth required pam_google_authenticator.so" to /etc/pam.d/sshd