Skip to content

sjinks/wp-two-factor-provider-webauthn

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1,806 Commits
.docker/wordpress
.docker/wordpress
 
 
.github
.github
 
 
.wordpress-org
.wordpress-org
 
 
.wpvip
.wpvip
 
 
assets
assets
 
 
bin
bin
 
 
inc
inc
 
 
lang
lang
 
 
patches
patches
 
 
stubs
stubs
 
 
tests/e2e
tests/e2e
 
 
views
views
 
 
.distignore
.distignore
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
.prettierrc.js
.prettierrc.js
 
 
.sonarcloud.properties
.sonarcloud.properties
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
SECURITY.md
SECURITY.md
 
 
composer.json
composer.json
 
 
composer.lock
composer.lock
 
 
docker-compose.yml
docker-compose.yml
 
 
eslint.config.js
eslint.config.js
 
 
index.php
index.php
 
 
package-lock.json
package-lock.json
 
 
package.json
package.json
 
 
patches.lock.json
patches.lock.json
 
 
phpcs.xml.dist
phpcs.xml.dist
 
 
playwright.config.ts
playwright.config.ts
 
 
psalm.xml.dist
psalm.xml.dist
 
 
readme.txt
readme.txt
 
 
rollup.config.mjs
rollup.config.mjs
 
 
tsconfig.json
tsconfig.json
 
 
uninstall.php
uninstall.php
 
 

Repository files navigation

WebAuthn Provider for Two Factor Plugin

Build and Test Code Standards Compliance Checks Static Code Analysis Quality Gate Status CodeQL Analysis Donate

This plugin adds WebAuthn and passkey support to the Two Factor plugin, providing a modern, secure authentication method.

Features:

  • Support for WebAuthn and passkeys (Windows Hello, Touch ID, YubiKeys, etc.)
  • Backward compatibility with previously registered U2F security keys
  • User-friendly settings and seamless authentication experience
  • Customizable error logging and behavior via action hooks
  • Works with the Two Factor plugin for flexible 2FA authentication

The plugin enables users to register and use hardware security keys and platform authenticators for stronger protection against password-based attacks and phishing.

Google Chrome deprecated the U2F API. As a consequence, the U2F provider of the Two Factor plugin no longer works. This plugin uses the WebAuthn Authentication API compatible with U2F and provides a replacement for the U2F provider.

The integration is seamless: if the user has U2F credentials registered, the plugin will import them. If the user has the U2F provider enabled, the plugin will automatically enable the WebAuthn provider as well. If the U2F provider is set as the primary authentication method, it will be replaced with WebAuthn, keeping U2F as a backup method.

webauthn.mp4

See readme.txt for the changelog.

Copilot Customizations

This repository includes workspace Copilot customizations (instructions, prompts, agents, and hooks).

See CUSTOMIZATIONS.md for usage and invocation examples.

About

WebAuthn Provider for Two Factor plugin

wordpress.org/plugins/two-factor-provider-webauthn/

Topics

plugin wordpress-plugin security authentication u2f two-factor 2fa webauthn passkeys

Resources

Readme

License

MIT license

Security policy

Security policy
Activity

Stars

21 stars

Watchers

2 watching

Forks

8 forks
Report repository

Releases 35

2.6.1 Latest
Mar 12, 2026
+ 34 releases

Packages

 
 
 

Contributors

Languages