How to set up WP 2FA to use Authy authentication

WP 2FA supports Authy as one of the 2FA authentication methods - giving you the opportunity to use Authy OTPs as well as authentication via SMS, voice, Whatsapp, push notifications, and others on your WordPress website.

In this knowledge base article, we will be going through the entire process of setting up Authy on WP 2FA for the first time - from setting up a Twilio account (Authy is a service provided by Twilio) all the way to configuring your WordPress website to use Authy.

Important note: Some services such as SMS and voice authentication may require account credit. At the time of writing Authy is offering new sign-ups free credit for testing purposes.

Step 1: Create a Twilio Account

Authy is offered by Twilio - a customer engagement platform company. We need a Twilio account to access and configure Authy, which we will set up now.

  1. Head to twilio.com
  2. Sign up for a Developer account

You will also need to download Authy on your phone and configure the app accordingly. You need this app to receive notifications as well as the OTPs for logging in.

Step 2: Subscribe to Authy

Once you have your Twilio account set up, log in and go straight to the Console. From here, click the Explore Products option from the menu on the right and then click on Authy.

Now that you have subscribed to Authy, it is time to configure it:

  1. Click the blue Get Started button
  2. Verify your phone number
  3. Save your recovery code

Step 3: Build your Authy application

In the next step, we will build our Authy application. Think of an application as an instance of Authy which has a particular set of configurations that match your settings. When an application is created, you will get an API key - which you need to enter in WP 2FA. API, which stands for Application Programming Interface, essentially establishes a language and a communication channel that allows two applications to communicate with each other.

First, we give it a friendly name that will make it easy to recognize. This can be especially critical if you are using Authy for other services or websites. Click the blue Create Application button to confirm the name.

Once that is done, you will need to enter your first user, which in this case can be your own account. This will allow you to run tests to make sure that everything is working properly before deploying it to the rest of your users.

  1. Enter your email address
  2. Select the country code of your phone number from the drop-down menu
  3. Enter your phone number

Once ready, click on Make Request. You will receive an Authy request on your phone which you need to accept to complete the process.

Step 4: Configure WP 2FA

Now that the Authy application has been configured, we can go ahead and configure WP 2FA to use Authy. Before heading to your WordPress website, make sure you grab the Production API Key, which you’ll find on the application’s Settings page.

  1. Log into WordPress
  2. Navigate to WP 2FA > 2FA Policies

Depending on whether you have set up site-wide policies or role-based policies, navigate to the relevant tab and scroll down to the Select the allowed primary 2FA methods section.

From here, tick the checkbox next to Authy 2FA service and enter your Production API Key. The plugin will verify the API key and accept the new setting. Remember to scroll down to the end of the page and click the Save button.

Congratulations, you have successfully set up Authy 2FA authentication on your WordPress website.

Users will now be able to choose Authy as their 2FA authentication method of choice. In this article, we configured OTP code however Authy offers many other authentication channels that you can use from.

Last updated on