LoginID’s DirectWeb Plugin enables your WordPress application’s end users to utilize FIDO/FIDO2 certified passwordless authentication, including the ability to provide more sensitive operations such as credential management. By leveraging the end user’s existing device biometrics you can quickly integrate multi-factor authentication into your site. Our service is aligned with PSD2, GDPR, CCPA, and HIPPA.
– Biometric information never leaves your device (based on FIDO/FIDO2 principles), not stored in the cloud.
– No tracking of customers.
– Eliminate the need for your users to enter a password when they log in to your website from their primary device.
– Reduce your user abandonment rates by making transactions as seamless as possible.
– FIDO/FIDO2 is aligned with the GDPR and PSD2 principals around the use of strong authentication.
– Boost your website’s security through the use of multifactor authentication with strong public/private key credentials.
Tell us how we’re doing.
Have the plugin in production? Tell us about your site on firstname.lastname@example.org and we’ll post on our social channels!
- Upload to the
- Activate the plugin.
- Visit Settings > LoginID DirectWeb to configure this plugin.
How do I set up the plugin?
An answer to that question.
Once you install the plugin, click on ‘Settings’. Here, you have two setup options:
Let LoginID do the work for you (estimated time: 15s to 30s)
- Login to your WordPress developer dashboard
- Install the LoginID DirectWeb plugin
- Let LoginID automatically set up the plugin on your dashboard via the Setup Wizard. [Insert screenshot]
- On your dashboard, you will need to fill in the application name and your Callback URL.
- Click on ‘Export to my WordPress site’
- On your WordPress setting page, click on Save Settings (All configuration variables will be pre-filled for you)
- Generate your registration or login pages by clicking the corresponding links, or use our shortcode to embed the code into any of your WordPress pages.
Do it yourself (DIY) (estimated time: 1min to 2mins)
1. Login to your WordPress developer dashboard
2. Install the LoginID DirectWeb plugin
3. On a new tab, register your developer account on the LoginID dashboard.
4. Click on the Integration tab
5. Agree to our Customer License Agreement
6. Choose the DirectWeb integration option and follow the instruction on screen
7. Copy your credentials or use ‘export to my WordPress site’ to populate your configuration settings on the plugin
8. On your WordPress setting page, click on Save Settings (All configuration variables will be pre-filled for you)
9. Generate your registration or login pages by clicking the corresponding links, or use our shortcode to embed the code into any of your WordPress pages.
How does the plugin work?
When a user tries to sign in to your website, they will be prompted to register for an account on your website. Once the user completes the registration process, they will be able to sign in using strong FIDO-certified authentication versus using traditional passwords.
Can I customize the registration page?
Yes, you can customize the registration page in line with your website’s look and feel. You will be able to paste in LoginID registration and login shortcodes as per your UX needs on any of your UX journey for your end users.
When I install the plugin, will my existing users be able to login?
Yes. Our solution augments your existing authentication flows. You may choose to replace or add LoginID authentication based on your specific needs.
Can I integrate this plugin with my other installed plugins such as my eCommerce plugin?
I need to customize the plugin or I need support and help?
Where can I report bugs or leave feedback?
I have other queries or need additional support.
Error: Your identity token could not be verified
This error means that the plugin is unable to verify the validity of the login or register claim. This can often be resulted from a bad baseURL and Client Id combination. Please double check your Base URL and Client Id parameters in the plugin settings against your credentials on the LoginID dashboard.
Contributors & Developers
“FIDO-certified Passwordless biometric login” is open source software. The following people have contributed to this plugin.Contributors
“FIDO-certified Passwordless biometric login” has been translated into 3 locales. Thank you to the translators for their contributions.
Interested in development?
Security patch. Bumped firebase/php-jwt and minimist to latest versions
Now requiring php 7.1 or later because firebase/php-jwt no longer support php 7.0
Refactor any links to our code repository from https://github.com/loginid1/loginid-directweb to https://github.com/loginid1/loginid-wordpress-plugin
Feature: Added built in woo commerce template overrides for easy woo commerce integration.
Enable above feature by visiting the plugin dashboard and checking the “Enable Woo Integration” checkbox
Updated to security best practices using phpcs.
Update node dependencies for security.
Update plugin description.
Enforce password selection during registration process to make sure a user has multiple ways of logging in.
Reword certain features to clarify functionalities.
Changed the text to make things more apparent, better UX
Added a self help section within the plugin, to make setup more clear.
The readme.md file still exists if the user wants to read that instead.
Changed how the setup wizard works under the hood.
Add TLS warning on production sites. This plugin only works on HTTPS enabled sites
Added plugin Action links to settings as well as external link to docs and support
Support login and register forms on the same page
Added loginid_settings so the site could display passwordless configurations on custom settings pages
Cleaned up a few bugs, and dependency vulnerabilities
Changed some wording options.
Fixed use password instead not working.
Added ‘Login with FIDO2’ and ‘Register with FIDO2’ buttons.
Changed the JWT origin to the same as baseURL for better consistency
Minor Style changes and also bump version in plugin directory to display properly
remove an unused function that might result in naming conflicts with wordpress naming conventions
fix password sanitation issue
Fixes to make this plugin wordpress compliant
– Biometric login and register
– Add biometrics to existing user accounts