Important Notice: Beginning February 25, 2014, all site admins on WordPress.com VIP sites will be required to use Two-Step Authentication to login.
At WordPress.com VIP, we take security very seriously, and we see this as a critical next step in protecting your sites and content. While it’s important for all your users to proactively practice good password hygiene, Two-Step Authentication is absolutely necessary for site administrators.
In addition, the WordPress.com VIP team has released a new feature that allows you to enforce Two-Step Authentication across your site for all your users, and as an incentive, we’re happy to offer a complimentary one-year subscription to our Site & Security Monitoring Add-On to any VIP customer who enables Two-Step Authentication for all users across their sites. If you are interested in this, please get in touch.
Before Feb. 25, we encourage you to actively work with your site admins to enable Two-Step Authentication, or remove the admin role from anyone who does not need it. Two-Step Authentication requires a phone with either the Google Authenticator app, or the ability to receive SMS messages. Instructions on how to enable Two-Step can be found here. On Feb. 25, admins will not be able to access their VIP site without Two-Step.
As always, if you have any questions, please get in touch.
WordPress VIP Lobby 