2FA and Me

ByJohn Locke

Your guide to logging into websites securely and getting full access to our site.

As a requirement for Full-Access membership, we require you to configure and utilize 2-Factor Authentication. This guide will show you how to do just that.

What is Two-Factor Authentication (2FA)?

2FA adds a second step to the login process. Besides your username and password, you’ll also need a code generated by an app on your phone (Microsoft Authenticator, our preferred choice, but any app that utilizes 2FA will work). This makes it much harder for someone to hack into your account, even if they know your password.

What You’ll Need:

  • Your phone (iOS or Android)
  • The Microsoft Authenticator app installed (download it from your app store)
  • Access to your MoaM Blog account

    Steps:

    1. Install the Microsoft Authenticator App:

    • Open the App Store (iOS) or Google Play Store (Android) on your phone.
    • Search for “Microsoft Authenticator.”
    • Download and install the app.

    2. Log in to Your MoaM Blog Dashboard:

    • Open your web browser and go to the Login Page
    • Enter your username and password and log in.

    3. Go to Your MoaM Blog Dashboard:

    • In the MoaM Blog dashboard, look for the security pop-up.
    • Click on “Setup My Security Settings”

    4. Find the 2FA Settings:

    • Click the drop-down menu under “Choose Preference”
    • Select “2fa: Google Authenticator, Authy, etc”

    5. Enable 2FA and Get the QR Code/Secret Key:

    • “Enable” – Check this box
    • “Secret Key (Base32)” – Use this secret key.
    • Important: Copy and paste the secret key into asecure location, like a password manager. This is your backup if you lose access to your phone.Do not share this key with anyone.

    NOTE:

    If you’re *not* using Microsoft Authenticator, the secret key required for your 2FA app *may* not use Base32 Secret Keys. Please refer to your app for documentation, however, if the 2FA code doesn’t work try using the other Secret Key type.

    6Open the Microsoft Authenticator App on Your Phone

    You can either enter the code manually (6a) OR scan the QR Code (6b). If you’ve been following the guide using your phone, enter the code manually.

    6a. Manually Enter the QR Code with Microsoft Authenticator:

      • Open the Microsoft Authenticator app on your phone.
      • Tap the “+” button (usually in the top-right corner) to add a new account.
      • Choose “Other account” (or “Work or school account” – either should work). Don’t choose “Personal account”.
      • Select the option to “Enter Code Manually”
      • Enter your MoaM Blog Username under “Account Name”.
      • Enter the Base32 Secret Key.

      6b. Scan the QR Code with Microsoft Authenticator:

      • Open the Microsoft Authenticator app on your phone.
      • Tap the “+” button (usually in the top-right corner) to add a new account.
      • Choose “Other account” (or “Work or school account” – either should work). Don’t choose “Personal account”.
      • Select the option to “Scan a QR code.”
      • Point your phone’s camera at the QR code displayed on your MoaM Blog profile page. The app should automatically scan the code.

      7. Save Changes (Important):

      • Scroll to the bottom of the MoaM Blog dashboard page and click the “Save Changes” button. Don’t skip this step, or your 2FA settings won’t be saved!

      8. Enter the Code (Verification)Skip This Step If You Entered The Code Manually:

      • After scanning the QR code, the Microsoft Authenticator app will start generating six-digit codes that change every 30 seconds.
      • Back in your MoaM Blog dashboard, there will likely be a field to enter a verification code (or Loginizer might automatically detect the setup once the code is scanned). Enter the current six-digit code displayed in the Authenticator app.
      • Click to confirm.

      9. One Time Emergency Codes

          • Use these in case you lose your phone.

        10. Test the Setup:

        • Log out of your WordPress account.
        • Try to log in again.
        • Now, after entering in your Username/Password, you should see the following prompt on the next screen.
        • Open Microsoft Authenticator on your phone.
        • Click on your MoaM Blog Account.
        • Enter in the 6-digit Passcode.

        Important Notes:

        • Keep Your Phone Secure: Your phone is now a key to your account. Protect it with a strong passcode or biometric lock.
        • Lost Phone/Authenticator: If you lose your phone or uninstall the Authenticator app without disabling 2FA first, you’ll need to use your secret key (which you saved in step 5) or the One Time Emergency Codesto regain access. Contact your website administrator if you have trouble.
        • Time Synchronization: The codes generated by Microsoft Authenticator are time-based. Make sure your phone’s time is set correctly (usually automatic). If the time is off, the codes won’t work.