Could you add the fido u2f plug-in?

  • Author
  • #2158279


    Could you please add fido u2f plug-in?

    I think it’s a great idea to have this plug-in for anyone concerned about security in order to prevent phishin attacks. It is much more secure than time based one time passcodes.

    Plug-in is available at


    The blog I need help with is


    yes this would be very very useful! :)


    Yubico CEO blogged about the FIDO U2F plug-in for wordpress:
    <a href=”



    you are aware that you can use https for your login link and two factor log-in has been an option for well over a year where you are required to have your cell phone in your possession and enter in a code sent to it?



    SMS for 2nd Factor authentication works, but it is problematic when one is travelling and using a local SIM. Then they are not able to get the Codes. That has happened to me. Or the phone is not charged / working.

    FIDO U2F on the hand doesn’t require cellular connectivity or a device that needs charging.





    If they put it in, all blogs would have to use it and not all of us want it. I lose phones a lot more frequently than I lose passwords.


    @raincoaster, not really. It is opt-in. If you want strong auth you can enable on your account. If not, static password will be default.



    One more thing I like about FIDO U2F / FIDO UAF is that it also protects against phishing using public key cryptography. The FIDO U2F / FIDO UAF devices actually mint certificates.

    Using SMS for second factor doesn’t prevent against phishing attempts.




    The linked U2F implementation is AGPLv3, which will probably never use.

    However, this implementation is GPLv2:

    Please add this capability to!

The topic ‘Could you add the fido u2f plug-in?’ is closed to new replies.