10 Comments

  1. Aleš Sýkora
    · Reply

    Is it safe? You know, wordpress plugins and their vulnerabilities…

    Report

    • Peter Shaw
      · Reply

      The idea is good and secure.

      The issue is though that the user may be unfamiliar with the implications of the technology.

      Basically authentication can become paired to an account on a device. Therefore a user who did not understand this could expose his WordPress account if the account on the device is shared.

      Not really an issue for face or fingerprint ids which can’t really be shared but a shared pin on a device then means everyone with the device pin can access the WordPress account.

      Report

  2. Rob James
    · Reply

    Gave this a quick spin this morning and appears to work great on standalone sites and multisite primary sites.

    For subsites on multisite, if the user is the same as the primary site it fails to store the token (i presume due to one already existing but not linked to subsite).

    Really looking forward to seeing where this goes as it’s a great experience.

    One thing to note, if you do not have a Nickname set in the user profile it displays the existing username on the login page.

    Report

  3. Skyler
    · Reply

    But… it shows the user list before logging in? Or only the users for that device?

    Report

  4. John Smart
    · Reply

    Nice plugin, will be giving it a try

    Report

  5. Peter Shaw
    · Reply

    Webauthn has great potential but this plugin did not work for me at all.

    I had more success with the other older webauthn plugin but even that one would not save.

    Pity conceptually this could be great and the online demos of the technology work well

    Report

  6. Ali
    · Reply

    I have been waiting for this plugin. This is how devices started getting rid of passwords. Then some native phone apps followed. Now to web apps and WordPress. This is the future.

    Report

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: