Recently I have been reviewing a number of wp-admin login alternatives that allow for login via phone. The first among the plugins tested was LaunchKey, which I spoke about in this LaunchKey Review post. Though the functionality of LaunchKey was promising, it seemed to explode on the launching pad when it came to initial setup. Even with the valiant efforts in an hour-long back-and-forth exchange with their support team on Twitter to get me going, it seemed that the setup challenges were the biggest obstacles. It was so frustrating that I opted to delete LaunchKey altogether and forever give up on the idea of secure, remote smartphone-enabled logins.
Sensing my frustration and desire to get this technology implemented in my installations, the team over at GetClef.com decided to get to work. They created something for me that not only had every piece of functionality that I was looking for, but they did it with an installation process that took no more than 60 seconds to install the app on my iPhone, install the plugin and have them both talking to each other. OK, so they didn’t create it for me specifically, but from how beautifully this integrates, it sure feels like they completely read my mind in regards to the functionality and ease of use that I was looking for!
To begin, you simply navigate to the Clef app page which asks for your mobile number. Once entered, Clef will text you the link to install the app on your phone. Currently both iOS and Android versions are available for integration with the Clef plugin. Once installed, the app will have you set up a pin number to protect anyone from using it to login to your sites. So even if you lose your phone, you won’t have to worry that someone out there can login to all your sites.
Clef is touted as the simplest way to login to multiple sites without passwords in a secure, encrypted way that is as easy to use as taking a photo. Here’s Clef’s Brennen Byrne giving us a quick walk-through on how the system works and what it does.
As stated in the video, one scan of the QR code enables complete login of ALL your WordPress installations. If you login to one site that is Clef-Enabled, you have access to every other Clef-capable site in your network without having to login again. I can’t stress enough how much of a time-saving feature this is. Often I work with collaboration teams and outsource workers that often require access to one or several of my WordPress web properties. This tool allows me to easily add and remove credentials for an individual within Clef on a network wide basis, so I can assign a person specific properties to work on. When they are finished with the tasks and milestones assigned, I can simply remove them network wide and not have to be burdened to login to each individual site to remove the user credentials or their permissions.
From a designer and developer perspective, this is a really great selling point to include in your design proposals and specs to clients. Larger companies and organizations can easily manage user roles and login capabilities by implementing Clef for their WordPress installs. It’s just one more tool that gives WordPress the decided advantage over using other CMS platforms.
Let’s also talk about the security reinforcement of this app/plugin combo. How many of you out there use the same admin password for all your installations? Come on, I know there are lots of you out there that do this. It’s a bad practice to get into because once one of your sites is compromised, they all are. Most of us don’t like to use different passwords, especially if our network is 50-100 installations deep. Clef can make it easier for you to keep your logins in one place without exposing yourself by using duplicate passwords across your network.
Even if you are just passively intrigued at the concept of remote gadget WordPress logins, Clef is worth investigating. With remarkably quick setup and ease of use, this plugin has earned a permanent spot in my everyday plugin roster. I love the advancements that WordPress is making with device integration and Clef is just another great reinforcement as to why we love using WordPress so much!
The problem I see with 3rd party apps like Clef is that we’re now adding at least 2 or more companies that we have to entrust with our login processes, Clef, and our mobile OS to name just two. I don’t think that is the right tack to solving the unauthorized access problem. I don’t see this solving the password problem either because one might as well install a password program to remember the passwords and fill them in automatically. At least with that solution, you don’t have to rely on another companies servers.
For a more seamless login experience Persona is a nicer, hassle-free solution. And finally, I’m very hesitant to make a mobile device more important than it already is. The more important we make it, the more dangerous the security risk. Having to increasingly rely on a mobile for everything is not something I want, for various reasons ranging from practical to philosophical. As a consumer, I’d rather be moving in the opposite direction (using a phone as a tool rather than being a slave to a be-all, do-all, always-needing-to-be-by-my-side device). I think it’s healthier in the long run.