Are you looking to secure your WordPress website from script kiddies and hackers using passwordless authentication? If yes, then you’re in the right place. Securing a WordPress website is one of the most important things we have to focus on even before writing our first blog post.
So today, in this guide, I’ll explain how you can easily set up secure and hassle-free passwordless authentication in your WordPress website, even making no changes to coding or anything else. This guide will help you to enable hassle-free and passwordless signing to your WordPress admin dashboard in a way you can only access that!
Here, we’ll talk about one of the most efficient yet newest plugins named “Passwordless WP.” The plugin is developed by a full-stock developer named Ilya Zolotov from the WP Busters team.
The plugin allows end-user to securely sign in to their website using their Face ID, Touch ID, and even by using their secure PIN. The goal of this plugin is to make accessing websites simpler, more comfortable, and more secure.
Now, before discussing how you can use this plugin to set up a secured and more comfortable login to your website,
first, let’s talk about…
How’s “Passwordless WP” Plugin Developed?
Ilya Zolotov developed this plugin after finding his old email ID and old password leaked in a public database. As you know, millions of emails and passwords leak or get stolen every year, so the motive of building this plugin is to secure the credentials of WordPress more efficiently and seamlessly.
He also stated that,
“I like this feature of my laptop, and I am using it every day. As well as, I am using it to avoid entering the ‘root’ password in terminal using my finger, it’s comfortable and any sniffer can’t capture my password.”
Last year, he checked the browser compatibility to handle the seamless passwordless authentication in WordPress, but he got disappointed because the safari browser in iOS only supports external USB keys.
Now in 2020, he saw Apple’s summer news on the update of authentication, and the platform will be available on iOS 14, BigSur on Safari, and now the passwordless authentication is working in chrome.
So he developed the initial build of this plugin using stable cryptographic libraries and an easy-to-use interface. He also assures users that it is safe to use this plugin, faster, secured, and it has a certified protocol. He also confirmed that the plugin doesn’t store any personal data on servers or on third-party services.
How Passwordless WP Works?
Not sure whether or not this plugin is secured for your website? Or how does it work?
The Passwordless WP plugin requires HTTPS or a valid SSL certificate on your website to work unless you’re using it on a localhost environment for testing purposes.
It also required a minimum PHP version of 7.2. Outside of it, the plugin is compatible with all WordPress websites with seamless integration.
Also, the Passwordless WP plugin runs on the user level to handle user login and authentication. It means each user will get the separate option to passwordless authentication to authenticate themselves in a hassle-free manner, and that’s the good part of using this plugin.
How this Plugin Differs from Others?
As we told you, this plugin works differently than the plugins available in the market. Other plugin uses SMS, Email, or another type of verification for authentication, and it will be harsh for you to authenticate yourself using these methods. You’ve to open your mobile device or email to enter the code or click on the verify link.
But with this plugin, you don’t need to follow all these steps to authenticate yourself; everything will be done using your secret PIN, your Touch-ID, or using your Face ID (which is now supported with Safari on iPhone after iOS 14 update).
This way, it will not make your life harder, and you can seamlessly authenticate yourself within a second – which, in my case, is one of the best things, and now you can easily add this feature to your WordPress website within a minute or two using their “Passwordless WP” plugin.
Till now, we have understood how this plugin works and how it is created.
Now we’ll discuss setting up this plugin with the WordPress website, so follow the methods I’m sharing below to enable this feature in your WordPress website.
How to Set up Passwordless Login in WordPress
Setting up passwordless login in your WordPress website is easy, and in this guide today, I’ll share the method through which you can seamlessly integrate this feature on your WordPress website.
I’m hoping you could read the guide till the end and follow every step I’m going to share. It will help you to configure the plugin on any WordPress site properly.
So, the first step is to download the “Passwordless WP” plugin from the WordPress repository. And to download the plugin, visit Plugins > Add New and search for the “Passwordless WP” plugin. You can also click here to download the plugin instantly.
Once you search for the plugin, it will show the option to “Install Now“. Click on the button to start downloading the plugin to your WordPress repository.
Once the plugin is downloaded, click on the “Activate” button showing in the blue color. Once you clicked on the button, it will activate the plugin on your website.
The plugin is activated in your WordPress website and is ready to configure for your seamless passwordless integration. You can now register your token to enable the plugin, and registering the token is one of the easiest things for you.
Now, click on the “Add credentials” showing below the “Passwordless WP” plugin name. You can also enable it from Users > Profile > Passwordless Login Credentials.
Once you click on the “Add credentials“, it will redirect you to another page where it asks you to add your passwordless credentials. Click on the “Register Token” showing in the blue-colored button.
As I’m using Google Chrome on MacBook Air, it shows the option to enable passwordless authentication using the Touch ID (Using your fingerprint or the password).
Now verify your identity by using the authentication method suitable for you.
Once you verified your identity, it will display a success message named “Passwordless credentials added“. Once it is added, you can go back to your profile by clicking on the “Go to My Profile” button.
Now, whenever you try to login to your WordPress admin panel, it will show you another section for passwordless login where it may ask you to “Choose user“.
Once you click on it, it will authenticate you using the method you added to your account (i.e., Face ID, Touch ID, or Secure PIN)
Voila! You successfully set up the passwordless and secured authentication on your WordPress blog.
Frequently Asked Question
How Does Passwordless WP Better than Other Plugins?
It is way better than other plugins because it doesn’t ask you to authenticate yourself using SMS, Email, or by clicking on any verify link. It seamlessly authenticates you by a glance or fingerprint using the Touch ID, Face ID, or Secure PIN.
Along with it, only people who have access to your device can access the website using these methods. So it is more secured than any other authentication method.
Can I Register More than One Token with Passwordless WP?
Yes, you can register over one device on your website using the Passwordless WP plugin. To do so, go to Users > Profile > Passwordless Login Credentials, and click on “Register New Token“.
It will again open the same window to register the token, and if your device supports the passwordless authentication, then you can add your device to your account.
What Authentication Method It Supports?
You can use your glance or fingerprint via Touch ID, Face ID to authenticate yourself for seamless login. It also supports Secure PIN access for authentication.
You can also use the Safari browser on your latest iOS 14 devices to seamlessly authenticate yourself on iPhone. Apart from iOS, I don’t know if it works with Android browsers or not – if you have an android device, please check the plugin and let me know in the comment section below so that I can update the post.
In this guide today, I tried my best to explain everything necessary for you to know before setting up the passwordless authentication for you and the guide to properly set up the authentication using Touch ID, Face ID, or with a Secure PIN.
I tried the stable version of “Passwordless WP” version 1.1.6, which works well with Google Chrome on MacBook Air. I also tried this method with iOS 14 on iPhone 11. It supports passwordless authentication on Safari – but the plugin doesn’t support passwordless configuration and authentication on the Chrome browser.
If you liked this guide on setting up passwordless authentication, then do share this post along with your friends and family and help them to go passwordless with the “Passwordless WP” plugin.
Happy Blogging 🙂