Want to login easily while using strong passwords on your WordPress site? Clef is a popular two-factor authentication tool that allows you to log in to your WordPress site without entering a password. In this Clef review, we will take a look at its features and ease of use.
Why Do You Need Two-Factor Authentication with Clef for WordPress?
Passwords are the first layer of security between hackers and your website. You should always user long and strong passwords to make them harder to crack. However, the problem with strong passwords is that they are hard to remember.
See this guide on the best way to manage WordPress passwords.
But what if someone got access to your password itself? This happens more regularly than you could imagine.
Two-Factor authentication eliminates the need for passwords by adding an external layer of security. You can use your phone to log in your WordPress site.
Having said that, let’s take a look at how Clef implements two factor authentication in WordPress.
Setting Up Clef for WordPress
First thing you need to do is install and activate the Clef Two-Factor Authentication plugin for WordPress. Upon activation, you will be automatically redirected to Clef setup wizard. Simply click on the Get Started button to continue.
Next you will be asked to enter your phone number. This step is optional; you can skip this and directly download Clef app from App Store for iOS and Play Store for Android devices.
After installing the app you will be asked to signup with Clef. Once your mobile app is ready, come back to WordPress and click on ‘I already have the app button’ to continue.
Clef will now show you a wave of bars on your WordPress screen. On your phone, it will turn on Camera with similar wave bars. Point the Clef app screen to WordPress and Clef will automatically sync both waves.
That’s all! You have successfully setup Clef on your WordPress site. For more information, take a look at how to add password free login to WordPress using Clef.
Easily Manage Strong WordPress Passwords with Clef
As we mentioned earlier that managing strong passwords seems like a lot of work to most users. Clef allows you to login without entering your passwords. Just sync the wave and you are logged in, you can even disable password completely to protect your site from some common brute force attacks.
Your WordPress site as secure as its weakest password. If run a multi-user WordPress site, then you can also invite all other users on your site to setup Clef. All your users will setup the Clef the same way you did. They will need to install the app on their phones and sync it with Clef for WordPress.
If you use Clef on multiple WordPress sites, then don’t worry — you can sync all those sites with Clef. Once you login to one WordPress site, Clef will automatically log you in to other sites when you visit them.
The onboarding and overall user experience for Clef is extremely pleasant. It is very simple to use, and highly secure.
Safety and Security with Clef for WordPress
Clef is very secure and safe, here is how it actually works.
It replaces your WordPress passwords with a two-factor authentication system. This means that basically you are authenticating on your WordPress site using two security keys.
The first one is obviously your WordPress login details, i.e. username and password. This username and password is stored on your Clef device in an encrypted form.
The second factor is the Clef mobile app on your site, which recognizes websites using RSA-Public Key encryption system.
In order to complete a login, you will need not just your WordPress password but also your mobile device. In case, your password is stolen or hacked. There is still another security layer to protect your WordPress login.
Clef stores your encrypted key on your phone instead of the cloud. Even if Clef’s servers are breached your login credentials will remain securely stored on your phone.
Is Clef All You Need for WordPress Security?
Clef will make your WordPress site secure, but the WordPress admin dashboard is just one entry point to break into your website.
More advanced hackers can try and break into your web server, use compromised email accounts to gain access to your hosting dashboard, SQL injections, and various other techniques.
Use long, unique, and strong passwords for your FTP account, hosting control panel, and MySQL database.
Pricing and Support Options for Clef
Clef is free to use for up to 10,000 logins per month. Most users will probably never even come close to this number even if they are using Clef on multiple sites.
After the free account limits, users can choose a volume pricing plan starting from $700 per month for up to 100,000 logins. Users can also choose price-per-login model which costs $0.010 per login.
Basic user support is provided by email and community chat room on Slack. Clef’s official website has extensive documentation available for developers who want to integrate Clef into their applications.
Our Verdict on Clef for WordPress
We believe that Clef offers an excellent two-factor authentication solution for WordPress powered websites. It is extremely easy to use and it is free. It allows you to avoid managing strong passwords and protects your WordPress site from login breaches.
We give Clef 4 out of 5 stars. Here is the breakdown of our scores.