Deactivate Wordfence OTP

How to Disable Wordfence Two-Factor Authentication Without Losing Access to Your WordPress Dashboard

If you’ve been locked out of your WordPress dashboard because you’ve lost access to your Wordfence Two-Factor Authentication (2FA) OTP, don’t worry! This guide will show you how to disable Wordfence 2FA safely using FTP or your hosting provider’s File Manager.

By following these steps, you’ll regain access to your WordPress admin area without compromising your website’s security. Let’s dive in

Why Disable Wordfence 2FA?

Wordfence’s 2FA is an excellent way to protect your site, but losing access to your OTP device can leave you locked out. Thankfully, WordPress plugins like Wordfence can be manually disabled, allowing you to bypass 2FA temporarily and log back in.

 

Step-by-Step Guide to Disabling Wordfence 2FA

Step 1: Access Your Server Files

To disable Wordfence, you need access to your WordPress installation files. You can do this using:

    • FTP/SFTP Clients (e.g., FileZilla, Cyberduck)
    • Your hosting provider’s File Manager (found in cPanel, Plesk, etc.)

Step 2: Navigate to the Plugins Directory

Once you’ve logged into your server:

    1. Open the root directory of your WordPress installation. This is usually named something like public_html or www.
    2. Navigate to the wp-content/plugins/ folder.
    3. Locate the folder named wordfence.

Step 3: Temporarily Disable Wordfence

To disable Wordfence, simply rename its folder. For example:

    • Rename wordfence to wordfence_disabled.

This action disables the Wordfence plugin without deleting it. WordPress will no longer load the plugin, effectively bypassing the 2FA system.

Step 4: Log into WordPress

With Wordfence disabled, you can now log into your WordPress admin dashboard without needing a 2FA OTP.

Step 5: Re-enable Wordfence and Adjust 2FA Settings

    1. Go back to the wp-content/plugins/ directory and rename the wordfence_disabled folder back to wordfence.
    2. In your WordPress dashboard, navigate to Wordfence > Login Security and adjust the 2FA settings.
      • If you want to disable 2FA entirely, you can do so here.
      • If you’re reconfiguring 2FA, make sure to save your new OTP setup and keep the recovery codes somewhere safe.

Tips for the Future

    1. Always save your 2FA recovery codes in a secure location when setting up Wordfence 2FA.
    2. Consider using a password manager that supports storing 2FA codes.
    3. If you lose access to your OTP device, having recovery codes ensures you won’t need to go through this process again.

 

Leave a Reply

Your email address will not be published. Required fields are marked *