What Is The WebAuthn & Passkeys For 2FA Feature And How To Use It

Passkey authentication provides a secure and passwordless way to access your WordPress site. It replaces traditional username and password logins with digital credentials, making login more secure and more convenient.

Users can register Passkeys & FIDO2-compatible devices to complete their WordPress login.

How Does Passkey Authentication Work?

Passkey authentication uses asymmetric cryptography and authenticators (hardware or software devices) to issue and verify secure credentials. Passkeys communicate with web browsers and servers using the Web Authentication API (WebAuthn) and adhere to FIDO2 standards, improving security.

How to use Passkey Authentication with Shield Security

With Shield, you can easily implement Passkey authentication. Just enable this option in the settings first:


Then, you can add FIDO2-compatible authenticators to your WordPress profile, track their usage, and even remove them if necessary.

Passkeys include any FIDO2-compatible devices, such as Windows Hello, Apple Face ID, Apple Touch ID, compatible fingerprint readers, FIDO2 YubiKeys, and FIDO2 Google Titan keys, as well as authenticator apps like 1Password and Bitwarden, giving you a wide range of options for improved security.

Important: To use Passkeys, your server needs either the 'bcmath' or the 'gmp' extension. Most servers usually have at least one of these.

You'll be able to see whether your server has the necessary support under the Passkeys option. If it isn't supported, you'll see a warning message.

Please note that Passwordless login is not supported at the moment but may be available in future updates.

For a detailed explanation of how to set up and use Passkeys, read this blog article or watch the video here.

Note: ShieldPRO is required for this feature. To find out what the extra ShieldPRO features are and how to purchase, please follow this link here.