Title: WebAuthn Provider for Two Factor Author: Volodymyr Kolesnykov Published: 2022 年 1 月 28 日 Last modified: 2026 年 3 月 12 日 --- 搜索插件 ![](https://ps.w.org/two-factor-provider-webauthn/assets/banner-772x250.jpg?rev= 2909612) ![](https://ps.w.org/two-factor-provider-webauthn/assets/icon.svg?rev=2909612) # WebAuthn Provider for Two Factor 作者:[Volodymyr Kolesnykov](https://profiles.wordpress.org/volodymyrkolesnykov/) [下载](https://downloads.wordpress.org/plugin/two-factor-provider-webauthn.2.6.1.zip) * [详情](https://cn.wordpress.org/plugins/two-factor-provider-webauthn/#description) * [评价](https://cn.wordpress.org/plugins/two-factor-provider-webauthn/#reviews) * [开发进展](https://cn.wordpress.org/plugins/two-factor-provider-webauthn/#developers) [支持](https://wordpress.org/support/plugin/two-factor-provider-webauthn/) ## 描述 This plugin adds WebAuthn and passkey support to the [Two Factor](https://wordpress.org/plugins/two-factor/) plugin, providing a modern, secure authentication method. **Features:** * Support for WebAuthn and passkeys (Windows Hello, Touch ID, YubiKeys, etc.) * Backward compatibility with previously registered U2F security keys * User-friendly settings and seamless authentication experience * Customizable error logging and behavior via action hooks * Works with the Two Factor plugin for flexible 2FA authentication The plugin enables users to register and use hardware security keys and platform authenticators for stronger protection against password-based attacks and phishing. Notes: * please use [GitHub issues](https://github.com/sjinks/wp-two-factor-provider-webauthn/issues) to report bugs; * the full source code with all development files is available on [GitHub](https://github.com/sjinks/wp-two-factor-provider-webauthn). ## 屏幕截图 * [[ * User profile settings showing the registered security keys. * [[ * Plugin settings page. ## 常见问题 Be the first to ask. ## 评价 ![](https://secure.gravatar.com/avatar/1471c57315a48ef94e2b07fef65eec994f9934b0d5be84ba24dff8be5c926781? s=60&d=retro&r=g) ### 󠀁[Working like a charm!](https://wordpress.org/support/topic/working-like-a-charm-31/)󠁿 [meksONE](https://profiles.wordpress.org/meksone/) 2026 年 2 月 23 日 Frictionless login experience for WordPress users: this is the perfect plugin, with no ads and no frills, just the strictly necessary options and working in literally 2 minutes.Compatible with: FIDO U2F, FIDO Hyperkey, Windows Hello and any other webauthn provider that is available on your machine.I can login with fingerprint, windows face scan, fingerprint on mobile, backup codes, email codes… ![](https://secure.gravatar.com/avatar/536b1e13e53f6089127749aa96170dd9292cba303475c16a76b43bd53d708c1a? s=60&d=retro&r=g) ### 󠀁[One touch 2FA is a dream](https://wordpress.org/support/topic/one-touch-2fa-is-a-dream/)󠁿 [Steven Gliebe](https://profiles.wordpress.org/stevengliebe/) 2025 年 1 月 14 日 This is great. You can literally log into WordPress with 2FA using one touch (password manager with auto-login combined with this for 2FA). Beats using an authenticator app any day. ![](https://secure.gravatar.com/avatar/fe1541ecaf52e528bd94cbb9a112fccddd6c8a1b72a9d4f53277b58298088e75? s=60&d=retro&r=g) ### 󠀁[Works well for my use case but please provide unminified JS files.](https://wordpress.org/support/topic/works-well-for-my-use-case-but-please-provide-unminified-js-files-for/)󠁿 [Rene Hermenau](https://profiles.wordpress.org/renehermi/) 2024 年 10 月 26 日 This is helpful for evaluating purposes of the code. As this plugin is part of a security level all the code should be readable easily for auditors. Besides that, well done.Thank you. ![](https://secure.gravatar.com/avatar/45dfee4df736a68e24a40a2ba7dd9c62f74256abaa54722038fb4ab33acdbece? s=60&d=retro&r=g) ### 󠀁[Can’t register](https://wordpress.org/support/topic/cant-register-19/)󠁿 [fakeologist](https://profiles.wordpress.org/fakeologist/) 2024 年 10 月 15 日 it worked last month perfectly, now I can’t register a new auth key. ![](https://secure.gravatar.com/avatar/02a76d95b36cbc866cf2652b1a0739943346028e0564ba8735ed59744c41cfe7? s=60&d=retro&r=g) ### 󠀁[FIDO U2F WebAuthn for Two Factor](https://wordpress.org/support/topic/fido-u2f-webauthn-for-two-factor/)󠁿 [con](https://profiles.wordpress.org/conschneider/) 2024 年 10 月 2 日 Thank you for bridging the gap while we wait for the PR. This is what Open Source is all about. ![](https://secure.gravatar.com/avatar/ec90e4ed1ebc345d85c97486e389de060c74dc9e180ba25ed02be8a61e7683dd? s=60&d=retro&r=g) ### 󠀁[Fixes FIDO/U2F/WebAuthn functionality](https://wordpress.org/support/topic/fixes-fido-u2f-webauthn-functionality/)󠁿 [Olav Seyfarth](https://profiles.wordpress.org/nurs0da/) 2023 年 6 月 4 日 WebAuthn could be included in Two Factor, there’s a PR since Nov 22. Thanks for stepping in and even ENHANCING it. Very comprehensive! [ 阅读所有11条评价 ](https://wordpress.org/support/plugin/two-factor-provider-webauthn/reviews/) ## 贡献者及开发者 「WebAuthn Provider for Two Factor」是开源软件。 以下人员对此插件做出了贡献。 贡献者 * [ Volodymyr Kolesnykov ](https://profiles.wordpress.org/volodymyrkolesnykov/) 「WebAuthn Provider for Two Factor」插件已被翻译至 5 种本地化语言。 感谢[所有译者](https://translate.wordpress.org/projects/wp-plugins/two-factor-provider-webauthn/contributors) 为本插件所做的贡献。 [帮助将「WebAuthn Provider for Two Factor」翻译成简体中文。](https://translate.wordpress.org/projects/wp-plugins/two-factor-provider-webauthn) ### 对开发感兴趣吗? 您可以[浏览代码](https://plugins.trac.wordpress.org/browser/two-factor-provider-webauthn/), 查看[SVN仓库](https://plugins.svn.wordpress.org/two-factor-provider-webauthn/), 或通过[RSS](https://plugins.trac.wordpress.org/log/two-factor-provider-webauthn/?limit=100&mode=stop_on_copy&format=rss) 订阅[开发日志](https://plugins.trac.wordpress.org/log/two-factor-provider-webauthn/)。 ## 更新日志 #### 2.6.1 * Compatibility with WordPress 6.9.4 * Refactor key management user interface #### 2.6.0 * Better support for passkeys * Add hooks for logging errors * Make plugin options more user-friendly * Always show Retry button * Update translations #### 2.5.6 * Fix authentication bypass with malformed request * Additional hardening #### 2.5.5 * Compatibility with WordPress 6.9.1 #### 2.5.4 * Platform requirements updated to PHP 8.1 and WordPress 6.0 (although the plugin still should work with older versions of PHP and WordPress) * GH-1008: better integration with Two Factor 0.13.0 #### 2.5.3 * Restore `WebAuthn_Provider::get_instance()` because WPVIP has an ancient version of Two Factor #### 2.5.2 * Fix the conflict when another package loads a library that has `autoload.files` key (see https://github.com/sjinks/wp-two-factor-provider-webauthn/pull/980) #### 2.5.1 * GH-898: do not show the UI if the plugin has failed to install its tables * GH-972: do not show the profile UI if the provider is disabled * drop official PHP 7.4 support #### 2.5.0 * iCloud support for Firefox (props dd32) #### 2.4.1 * GH-541: fix issues with YubiKeys (backported a patch by Markus Bauer from https:// github.com/madwizard-org/webauthn-server/pull/23) #### 2.4.0 * GH-830: introduce `webauthn_register_key_use_nicename` filter (props kat3samsin) #### 2.3.0 * GH-827: Add `webauthn_register_key_suppress_output` filter * GH-826: Add `webauthn_app_id` filter to customize U2F AppID * GH-824: Initialize `wpdb` properties as early as possible * Update `madwizard/webauthn` to 0.10.0 #### 2.2.0 * Do not create user handles if they are not needed * Add a hook to customize WebAuthN server * Update dependencies * Refactor tests #### 2.1.0 * GH-462: Use correct user ID when editing a user * GH-456: Set relying party ID to COOKIE_DOMAIN if it is available (props dd32) * Allow only for network-wide plugin activation (to match Two Factor) #### 2.0.3 * Update translations (thank you, Copilot) * Add Ukrainian translation (thank you, Copilot) #### 2.0.2 * Update madwizard/webauthn to 0.9.0 * Update development dependencies * Update E2E tests #### 2.0.1 * GH-295: fix client extensions validation * Update development dependencies #### 2.0.0 * Put external dependencies into a unique namespace (GH-36, GH-53, GH-236) * Update madwizard/webauthn to 0.8.0 * Update development dependencies #### 1.0.10 * Add zh-tw translations (props [Chun-Chih Cheng](https://profiles.wordpress.org/alex1114/), [Alex Lion](https://profiles.wordpress.org/alexclassroom/)) * GH-215, GH-33: Fix “Unable to save the key to the database” error for long public keys * Update development dependencies #### 1.0.9 * Update madwizard/webauthn to 0.8.0 * Update development dependencies * Add debug mode (activated with `define( 'DEBUG_TFPWA', true );`) #### 1.0.8 * Security: Update guzzlehttp/guzzle to 7.4.5 (fix [CVE-2022-31090](https://github.com/advisories/GHSA-25mq-v84q-4j7r) and [CVE-2022-31091](https://github.com/advisories/GHSA-q559-8m2m-g699)) * Do not load the plugin while WordPress is being installed #### 1.0.7.1 * Fix deployment issue. It’s time to automate the process #### 1.0.7 * GH-130: fix Network Installation issue * Update development dependencies * Add security-related workflows to CI * Improve tests #### 1.0.6.1 * Fix deployment issue #### 1.0.6 * GH-93: remove unnecessary `required` attribute from `webauthn_key_name` * Security: Update guzzlehttp/guzzle to 7.4.4 (fix CVE-2022-31042 and CVE-2022- 31043) * Update development dependencies #### 1.0.5 * Synchronize plugin version across all files #### 1.0.4 * Update translations * GH-93: add an option to turn off the old U2F provider * Update dependencies * Add more E2E tests #### 1.0.3 * GH-33: increase length of credential_id column to solve issues with Chrome on Mac * GH-38: fix bugs preventing plugin uninstallation * Make Settings::offsetGet() compatible with PHP 8.1 #### 1.0.2 * Added E2E tests * UI fixes #### 1.0.1 * First public release. ## 额外信息 * 版本 **2.6.1** * 最后更新:**1 月前** * 活跃安装数量 **1,000+** * WordPress 版本 ** 6.0 或更高版本 ** * 已测试的最高版本为 **6.9.4** * PHP 版本 ** 8.1 或更高版本 ** * 语言 * [Chinese (Taiwan)](https://tw.wordpress.org/plugins/two-factor-provider-webauthn/)、 [English (US)](https://wordpress.org/plugins/two-factor-provider-webauthn/) 、 [French (France)](https://fr.wordpress.org/plugins/two-factor-provider-webauthn/)、 [German](https://de.wordpress.org/plugins/two-factor-provider-webauthn/) 、 [Japanese](https://ja.wordpress.org/plugins/two-factor-provider-webauthn/) 和 [Russian](https://ru.wordpress.org/plugins/two-factor-provider-webauthn/). * [翻译成简体中文](https://translate.wordpress.org/projects/wp-plugins/two-factor-provider-webauthn) * 标签 * [2FA](https://cn.wordpress.org/plugins/tags/2fa/)[login](https://cn.wordpress.org/plugins/tags/login/) [security](https://cn.wordpress.org/plugins/tags/security/)[two factor](https://cn.wordpress.org/plugins/tags/two-factor/) [webauthn](https://cn.wordpress.org/plugins/tags/webauthn/) * [高级视图](https://cn.wordpress.org/plugins/two-factor-provider-webauthn/advanced/) ## 评级 4.6 星(最高 5 星)。 * [ 9 条 5 星评价 ](https://wordpress.org/support/plugin/two-factor-provider-webauthn/reviews/?filter=5) * [ 1 条 4 星评价 ](https://wordpress.org/support/plugin/two-factor-provider-webauthn/reviews/?filter=4) * [ 0 条 3 星评价 ](https://wordpress.org/support/plugin/two-factor-provider-webauthn/reviews/?filter=3) * [ 1 条 2 星评价 ](https://wordpress.org/support/plugin/two-factor-provider-webauthn/reviews/?filter=2) * [ 0 条 1 星评价 ](https://wordpress.org/support/plugin/two-factor-provider-webauthn/reviews/?filter=1) [Your review](https://wordpress.org/support/plugin/two-factor-provider-webauthn/reviews/#new-post) [查看全部评论](https://wordpress.org/support/plugin/two-factor-provider-webauthn/reviews/) ## 贡献者 * [ Volodymyr Kolesnykov ](https://profiles.wordpress.org/volodymyrkolesnykov/) ## 支持 最近两个月解决的问题: 总计 1,已解决 0 [查看支持论坛](https://wordpress.org/support/plugin/two-factor-provider-webauthn/) ## 捐助 您愿意支持这个插件的发展吗? [ 捐助此插件 ](https://www.paypal.com/donate/?hosted_button_id=SAG6877JDJ3KU)