Could you add the fido u2f plug-in?
-
Could you please add fido u2f plug-in?
I think it’s a great idea to have this plug-in for anyone concerned about security in order to prevent phishin attacks. It is much more secure than time based one time passcodes.
Plug-in is available at https://github.com/shield-9/u2f-login
Thanks
The blog I need help with is: (visible only to logged in users)
-
-
Yubico CEO blogged about the FIDO U2F plug-in for wordpress:
<a href=”https://www.yubico.com/2015/01/u2f-wordpress-security-people/
“>https://www.yubico.com/2015/01/u2f-wordpress-security-people/ -
you are aware that you can use https for your login link and two factor log-in has been an option for well over a year where you are required to have your cell phone in your possession and enter in a code sent to it?
-
SMS for 2nd Factor authentication works, but it is problematic when one is travelling and using a local SIM. Then they are not able to get the Codes. That has happened to me. Or the phone is not charged / working.
FIDO U2F on the hand doesn’t require cellular connectivity or a device that needs charging.
Saqib
-
If they put it in, all WP.com blogs would have to use it and not all of us want it. I lose phones a lot more frequently than I lose passwords.
-
@raincoaster, not really. It is opt-in. If you want strong auth you can enable on your account. If not, static password will be default.
-
The linked U2F implementation is AGPLv3, which wordpress.com will probably never use.
However, this implementation is GPLv2: https://github.com/Yubico/wordpress-u2f
Please add this capability to wordpress.com!
- The topic ‘Could you add the fido u2f plug-in?’ is closed to new replies.