Clef creates two factor authentication for logging into your WordPress site and you should use that because passwords are not a great authentication method. Passwords are great in theory, but in practice, when users are asked to choose and manage strong passwords, they don’t. They choose easy-to-remember and hence easy-to-guess passwords. And they use the same password on many different sites. These behaviour is like a gift to hackers targeting WordPress websites.

Clef plugin is a security plugin that normally is used for increasing the security of WordPress blogs and this plugin is the best one out there to stop hackers to try to login to your blog. I will be honest with you – I feel fancy and high tech when I use Clef. Two factor authentication is strong access protection without passwords or tokens. Something that WordPress lacks in a era that consistently has security issues due to cheap hosting and mis-management of sites. Clef Two-Factor Authentication has the means to help with this.

How two-factor authentication works

Two factor authentication requires a smart phone, but these days who does not? The first thing you will have to do is get the Clef app for your phone. You’ll be asked to create an account there, so enter in your first name, and your email. After that, Clef will send you an email to confirm your email address, which will set the app up. When you’ve done this, click the confirmed button on your phone.

Next, you’ll be prompted to create a four number pin. This will be the pin that you use to access the app on your phone so that you can connect to other devices. After you set up your pin, you will see a bouncing wave on your phone. We’ll come back to this in a bit. Now you have the install the plugin on your WordPress site. After you have the Clef plugin installed, you will be directed to the settings page. At the top of this page you will see a wave, similar to the one on your phone. Hold up your phone to your screen, and line up the two waves. This will pair your phone authentication with your WordPress site.

After all your WordPress login screen will change into something like that:

Whole installation steps are very easy. Just go with the wizard and do step by step what Clef ask you to do. You can’t mess that so go ahead and try. There are some settings in wp-admin to play later, but initial configuration is out of the box.


Clef is a third party service, which is always a bit worrisome when it comes to security, but Clef has a pretty good adoption rate, and there’s a chance that some of your users may be using the technology already. It’s definitely not for everybody, as it requires the use of a smartphone to log in, and is probably only useful for the tech-savy. But, if you are tired of having to remember a ton of different passwords, then it’s probably the app for you. Clef is updated pretty often with new bug fixes and easier set-up options. If you are looking for support, it is most likely best to go straight to the Clef website, and scroll through to the end, or go directly to their Support page. It’s also worth noting that I checked out a few different multi-factor authentication services in my research, and I found Clef to be the easiest to set up. But I’m open to any suggestions for other similar platforms to review.

If you have any questions about using Clef for better WordPress security, feel free to leave a question in the comments!

[wp-pic type=”plugin” slug=”wpclef” layout=”large” scheme=”scheme2″ align=”center” margin=”22px 0″ ]

You've read this article thanks to


ROBAK.CO is headed up by me, Tom Robak. As a photographer, web designer, marketing and SEO specialist, I understand the complications and fears of running a photography business. That's why I provide all the information you need to smoothly run your photography business. I lead a team of professionals to help provide the best education and tools for your photography business.

All author posts
If you like it share it or comment below