Multi-Factor Authentication for the User Portal

Multi-factor Authentication (MFA) is a method of security that requires you to enter 1 or more factors beyond a password in order to gain access to your account. Verifying your account with additional methods is an added layer of security that helps prevent unauthorized access. MFA uses a set of rules to determine if you need to re-authenticate automatically, such as accessing from a new location or device.


User Portal Login

To log into the User Portal, simply go to https://my.wpengine.com and enter your email address and password.

If MFA has been set up, you may be asked to verify your identity through the method you chose during the MFA setup. The prompt for secondary authentication is based on account activity and your behavior. For example, factors like your geographic location and known devices are taken into consideration, plus many more. In most cases, you will not be prompted for secondary authentication at every login. If a bad actor tries to log into your account with your username and password, our AI will pick this up (because your behavior will be broken) and prompt for the secondary authentication.

If you would like to change the authentication method you would like to use during the login process, simply click the drop down menu when prompted for your Multi-Factor code.



MFA Setup

We highly recommend setting up multiple factors for authentication using multiple devices. This will give you the greatest amount of security and recoverability options.

Note: Before setting up, please be sure you have access to the email address you are logging in with as well as a mobile phone.

Current MFA options are SMS, Google Authenticator, and Okta Verify. Email authentication is not supported.

  1. Log in to the User Portal
  2. Click <Your Name> in the top right corner
  3. Select My Profile
  4. Click MFA on the left side
  5. Choose which MFA option you want to enable by clicking Setup next to it
  6. Follow the prompts to complete setup


Modify MFA Settings

You may need to modify your MFA settings over time, perhaps to update your phone number or setup a new phone. Follow these steps to do this:

NOTE: You must be able to log into the User Portal first before modifying your settings. If you lost your phone and can’t complete the login process, you will be locked out of your account. Please contact us, but expect a long delay on verifying your account for security verification purposes.

Update Phone Number

  1. Log in to the User Portal
  2. Click <Your Name> in the top right corner
  3. Select My Profile
  4. Click MFA on the left hand side
  5. Under “Login Credentials”, you can update your mobile phone number.

Reset MFA Settings

  1. Log in to the User Portal
  2. Click <Your Name> in the top right corner
  3. Select My Profile
  4. Click MFA on the left hand side
  5. Disable the MFA app you want to reset
  6. Re-enable it and follow the prompts


MFA FAQ

Still need more help? We’ve curated a list of commonly asked questions to help all of our customers understand how and why this migration is taking place.

Why are you migrating my user?

WP Engine specializes in providing a world class WordPress Digital Experience platform. We want to continue to focus on our specialization while taking advantage of the resources provided by a vendor (OKTA) that specializes in user management.

Will my login still work?

Yes! We are migrating user names and passwords to our new user management vendor (OKTA), so your login credentials will still work on the new system.

Do I need to reset my password?

You will still be able to login with your original password, but we do recommend a password reset following the first time logging in to the new system.

How do I reset my password?

We have a support center article that can help with this.

Are you migrating any sensitive information?

We are migrating usernames and passwords for all users. We are also migrating the 2FA settings for any users enrolled in this service.

What happens to my 2FA setup?

We are migrating your two-factor authentication settings to the new multi-factor authentication system. The only change is that recovery codes will no longer be supported. We have 2 additional options available to you now instead – OKTA Verify and Email/SMS. We recommend that you enable multiple options and install your authentication app(s) on multiple devices, in case you lose access to one of them.

How do I use my recovery codes?

Unfortunately, we’re no longer able to support recovery codes on our new system. We have 2 additional options available to you now instead – OKTA Verify and Email/SMS. We highly recommend that you enable multiple options and install your authentication app(s) on multiple devices, in case you lose access to one of them.

Why is my password manager not auto-populating my password?

While your password remains the same, the URL where you need to input the password has been changed. You can search through your password manager for our old login URL (https://my.wpengine.com/users/sign_in) to locate your password. After your first login through the new URL, your password manager may automatically save this new entry. If not, you can update the old URL in your password manager to our new one (https://identity.wpengine.com/signin).

If you have further questions or concerns, please reach out to our 24/7 Support team for assistance.

If you need further help logging in, please open a chat here on this Support site to be forwarded over to Support, or call our Support line at 1-877-973-6446 and select option 2


NEXT STEP: Learn about SSO for the WP Engine User Portal

Still need help? Contact support!

We offer support 24 hours a day, 7 days a week, 365 days a year. Log in to your account to get expert one-on-one help.

The best in WordPress hosting.

See why more customers prefer WP Engine over the competition.