Could you add the fido u2f plug-in?
Could you please add fido u2f plug-in?
I think it’s a great idea to have this plug-in for anyone concerned about security in order to prevent phishin attacks. It is much more secure than time based one time passcodes.
Plug-in is available at https://github.com/shield-9/u2f-login
The blog I need help with is farmaciadoctorferran.wordpress.com.
yes this would be very very useful! :)
Yubico CEO blogged about the FIDO U2F plug-in for wordpress:
you are aware that you can use https for your login link and two factor log-in has been an option for well over a year where you are required to have your cell phone in your possession and enter in a code sent to it?
SMS for 2nd Factor authentication works, but it is problematic when one is travelling and using a local SIM. Then they are not able to get the Codes. That has happened to me. Or the phone is not charged / working.
FIDO U2F on the hand doesn’t require cellular connectivity or a device that needs charging.
If they put it in, all WP.com blogs would have to use it and not all of us want it. I lose phones a lot more frequently than I lose passwords.
@raincoaster, not really. It is opt-in. If you want strong auth you can enable on your account. If not, static password will be default.
One more thing I like about FIDO U2F / FIDO UAF is that it also protects against phishing using public key cryptography. The FIDO U2F / FIDO UAF devices actually mint certificates.
Using SMS for second factor doesn’t prevent against phishing attempts.
The topic ‘Could you add the fido u2f plug-in?’ is closed to new replies.