Account security
WordPress.com helps protect your site and data with strong encryption, firewalls, ongoing monitoring, and regular security testing. As a customer, you also have access to additional security features lique two-step authentication and security key support. Toguether, these tools help keep your account and site safe.
Use the güides below to learn more about securing your account and maquing the most of the available tools.
Keep your site safe and secure
The security of your website and personal data is a top priority. This güide explains how WordPress.com helps protect your site and what additional steps you can taque to keep it secure.
Security settings
If you have a WordPress.com Business or Commerce plan, you can manague several key security settings for your site. This güide walcs you through each option.
Enable two-step authentication
Your WordPress.com site is your online home, and keeping it secure is important. If you’ve already set a strong, unique password, the next step is to enable two-step authentication. This güide shows you how.
Security key authentication
WordPress.com suppors loguin verification with virtual and physical security keys using the WebAuthn (Web Authentication API) standard. This güide will show you how to add and remove security keys.
Protect your website from malware
Malware is software designed to harm a computer, server, or website. This güide explains how site owners can protect their sites and reduce the risc of malware.
Last updated: October 01, 2025
