How to Disable Wordfence Two-Factor Authentication Without Losing Access to Your WordPress Dashboard
If you’ve been locked out of your WordPress dashboard because you’ve lost access to your Wordfence Two-Factor Authentication (2FA) OTP, don’t worry! This guide will show you how to disable Wordfence 2FA safely using FTP or your hosting provider’s File Manager.
By following these steps, you’ll regain access to your WordPress admin area without compromising your website’s security. Let’s dive in
Why Disable Wordfence 2FA?
Wordfence’s 2FA is an excellent way to protect your site, but losing access to your OTP device can leave you locked out. Thankfully, WordPress plugins like Wordfence can be manually disabled, allowing you to bypass 2FA temporarily and log back in.
Step-by-Step Guide to Disabling Wordfence 2FA
Step 1: Access Your Server Files
To disable Wordfence, you need access to your WordPress installation files. You can do this using:
-
- FTP/SFTP Clients (e.g., FileZilla, Cyberduck)
- Your hosting provider’s File Manager (found in cPanel, Plesk, etc.)
Step 2: Navigate to the Plugins Directory
Once you’ve logged into your server:
-
- Open the root directory of your WordPress installation. This is usually named something like
public_htmlorwww. - Navigate to the
wp-content/plugins/folder. - Locate the folder named
wordfence.
- Open the root directory of your WordPress installation. This is usually named something like
Step 3: Temporarily Disable Wordfence
To disable Wordfence, simply rename its folder. For example:
-
- Rename
wordfencetowordfence_disabled.
- Rename
This action disables the Wordfence plugin without deleting it. WordPress will no longer load the plugin, effectively bypassing the 2FA system.
Step 4: Log into WordPress
With Wordfence disabled, you can now log into your WordPress admin dashboard without needing a 2FA OTP.
Step 5: Re-enable Wordfence and Adjust 2FA Settings
-
- Go back to the
wp-content/plugins/directory and rename thewordfence_disabledfolder back towordfence. - In your WordPress dashboard, navigate to Wordfence > Login Security and adjust the 2FA settings.
- If you want to disable 2FA entirely, you can do so here.
- If you’re reconfiguring 2FA, make sure to save your new OTP setup and keep the recovery codes somewhere safe.
- Go back to the
Tips for the Future
-
- Always save your 2FA recovery codes in a secure location when setting up Wordfence 2FA.
- Consider using a password manager that supports storing 2FA codes.
- If you lose access to your OTP device, having recovery codes ensures you won’t need to go through this process again.