1. Aleš Sýkora

    Is it safe? You know, wordpress plugins and their vulnerabilities…


    • Peter Shaw

      The idea is good and secure.

      The issue is though that the user may be unfamiliar with the implications of the technology.

      Basically authentication can become paired to an account on a device. Therefore a user who did not understand this could expose his WordPress account if the account on the device is shared.

      Not really an issue for face or fingerprint ids which can’t really be shared but a shared pin on a device then means everyone with the device pin can access the WordPress account.


  2. Rob James

    Gave this a quick spin this morning and appears to work great on standalone sites and multisite primary sites.

    For subsites on multisite, if the user is the same as the primary site it fails to store the token (i presume due to one already existing but not linked to subsite).

    Really looking forward to seeing where this goes as it’s a great experience.

    One thing to note, if you do not have a Nickname set in the user profile it displays the existing username on the login page.


  3. Skyler

    But… it shows the user list before logging in? Or only the users for that device?


  4. John Smart

    Nice plugin, will be giving it a try


  5. Peter Shaw

    Webauthn has great potential but this plugin did not work for me at all.

    I had more success with the other older webauthn plugin but even that one would not save.

    Pity conceptually this could be great and the online demos of the technology work well


  6. Ali

    I have been waiting for this plugin. This is how devices started getting rid of passwords. Then some native phone apps followed. Now to web apps and WordPress. This is the future.


Comments are closed.

%d bloggers like this: