[youtube https:\/\/www.youtube.com\/watch?v=K-YuU7NAMZM&rel=0&controls=0&showinfo=0]<\/p>\n\n
With this plugin you can make passwords a thing of the past. All you need is your trusty smartphone with a QR Code reading app.<\/p>\n\n
(Coming soon, iOS companion app that will negate your need for a separate QR Code reading app!)<\/p>\n\n
Disclaimer: A website is only as secure as the least secure component on it. This plugin aims to be more secure than using the default login page.<\/p>\n\n\n
\/wp-content\/plugins\/<\/code> directory<\/li>\n- Activate the plugin through the 'Plugins' menu in WordPress<\/li>\n
- That's it<\/li>\n<\/ol>\n\n
Usage<\/h4>\n\n\n- Scan QR code on login screen of your site. (Coming soon, iOS companion app!)<\/li>\n
- Open link scanned in your mobile browser.<\/li>\n
- That's it! (If you don't have a cookie on your mobile browser recognizing you, the first time you try this you'll have to log in on your phone. After that you should be home free)<\/li>\n<\/ol>\n\n\n
\n- Why do I need to log in on my phone?<\/dt>\n
You wouldn't want just ANYONE being able to access your site. Verification is still necessary.<\/p><\/dd>\n
- So what's this plugin good for?<\/dt>\n
Once you log in once, you won't have to again until your phone cookie runs out (every two weeks or so). That should save you SOME hassle.<\/p><\/dd>\n
- What about foo bar?<\/dt>\n
I have no answer to foo bar dilemma.<\/p><\/dd>\n\n<\/dl>\n\n\n
1.4.3<\/h4>\n\n\n- removed [] array for better compatibility. Some QR codes weren\u2019t loading due to forced SSL.<\/li>\n<\/ul>\n\n
1.4.2<\/h4>\n\n\n- Made homeurl variable scheme relative<\/li>\n<\/ul>\n\n
1.4.1<\/h4>\n\n\n- Created ajax homeurl variable for more accurate QR creation.<\/li>\n<\/ul>\n\n
1.4<\/h4>\n\n\n- Enabled ability for administrator to disconnect app via site dashboard.<\/li>\n
- Added better logs.<\/li>\n
- When hash expires login page no longer reloads.<\/li>\n
- Fixed issue where page stopped working after being open for a while.<\/li>\n<\/ul>\n\n
1.3.5<\/h4>\n\n\n- Bugfix.<\/li>\n<\/ul>\n\n
1.3.4<\/h4>\n\n\n- Removed extra function.<\/li>\n<\/ul>\n\n
1.3.3<\/h4>\n\n\n- Now works with WordPress installed in subfolders.<\/li>\n<\/ul>\n\n
1.3.2<\/h4>\n\n\n- Mcrypt implemented in encrypting the TOTP hash.<\/li>\n<\/ul>\n\n
1.3.1<\/h4>\n\n\n- TOTP lengthened to 8 length and 60 seconds.<\/li>\n<\/ul>\n\n
1.3<\/h4>\n\n\n- Updated to be used with soon to arrive companion app. <\/li>\n
- QR code generation happens on your server, not via a google api.<\/li>\n
- Code refactored, restructured.<\/li>\n<\/ul>\n\n
1.2.1<\/h4>\n\n\n- Fixed querystring bug<\/li>\n<\/ul>\n\n
1.2<\/h4>\n\n\n- Updated code to work with WordPress 4.1<\/li>\n<\/ul>\n\n
1.1<\/h4>\n\n\n- All POST\/GET variables have been properly sanitized against XSS attacks. Special thanks to Julio from Boiteaweb.fr<\/a> for his security analysis and recommendations<\/li>\n<\/ul>\n\n
1.0<\/h4>\n\n\n- Out of Beta.<\/li>\n
- IP confirmation fixed.<\/li>\n<\/ul>\n\n
0.6<\/h4>\n\n\n- XSS fix. Special thanks to Julio from Boiteaweb.fr<\/a> for his security analysis and recommendations<\/li>\n<\/ul>\n\n
0.5<\/h4>\n\n\n- Delay added to prevent dDos attack<\/li>\n<\/ul>\n\n
0.4<\/h4>\n\n\n- CSRF fix. Special thanks to Julio from Boiteaweb.fr<\/a> for his security analysis and recommendations<\/li>\n
- AJAX, Cron jobs optimized<\/li>\n<\/ul>\n\n
0.3<\/h4>\n\n