Title: Secure Passkeys
Author: Mohamed Endisha
Published: <strong>26 mars 2025</strong>
Last modified: 30 januari 2026

---

Sök tillägg

![](https://ps.w.org/secure-passkeys/assets/banner-772x250.png?rev=3262385)

![](https://ps.w.org/secure-passkeys/assets/icon-256x256.png?rev=3262385)

# Secure Passkeys

 Av [Mohamed Endisha](https://profiles.wordpress.org/endisha/)

[Ladda ner](https://downloads.wordpress.org/plugin/secure-passkeys.1.2.4.zip)

 * [Detaljer](https://sv.wordpress.org/plugins/secure-passkeys/#description)
 * [Recensioner](https://sv.wordpress.org/plugins/secure-passkeys/#reviews)
 *  [Installation](https://sv.wordpress.org/plugins/secure-passkeys/#installation)
 * [Utveckling](https://sv.wordpress.org/plugins/secure-passkeys/#developers)

 [Support](https://wordpress.org/support/plugin/secure-passkeys/)

## Beskrivning

Secure Passkeys is a powerful WordPress plugin that enables seamless passwordless
authentication using WebAuthn technology. By eliminating the need for traditional
passwords, it enhances security and improves the user login experience. With support
for biometric authentication, security keys, and device-bound credentials, Secure
Passkey provides a robust and user-friendly solution for modern authentication.

Unlike traditional password-based authentication, Secure Passkey leverages cryptographic
key pairs to ensure secure logins. The private key remains securely stored on the
user’s device, while the public key is registered with the WordPress site. This 
method protects against phishing attacks and password breaches, ensuring that only
authorized users can gain access.

Secure Passkeys integrates effortlessly into WordPress, allowing users to register
and manage their passkeys from their profile settings. Once registered, users can
log in using their fingerprint, face recognition, or a hardware security key without
the need to remember or enter a password.

### Features

 * **Passwordless Login:** Secure authentication via WebAuthn with biometric devices,
   security keys, Touch ID, Face ID, and more.
 * **Enhanced User Experience:** Password-free login for a smoother user journey.
 * **Integration Support:**
    - WordPress default login form
    - WooCommerce login page
    - MemberPress login form
    - Easy Digital Downloads login form
    - Ultimate Member login form
 * **Admin Management:** Administrators can delete, activate, or deactivate users
   directly from plugin settings or user profiles.
 * **Passkeys Reminder Notice:** New option to enable or disable the passkeys reminder
   notice in the WordPress admin area for users who have not yet enabled passkeys.
 * **Activity Logging:** Monitor activity logs and track last login/registration
   of passkeys.
 * **Multiple Passkeys:** Supports multiple passkey registrations per user, with
   the option to set a registration limit or allow unlimited registrations.
 * **Role Restrictions:** Restrict and exclude specific user roles from using passkey
   authentication.
 * **Customizable Settings:** Adjust timeout settings for passkey registration and
   login.
 * **User Verification:** Enforce user verification for enhanced security.
 * **Frontend Customization:** Easily customize frontend themes or add your own 
   with basic frontend skills.
 * **Theme Support:** Supports pre-built themes like YOOtheme (UIkit) for frontend
   shortcodes.
 * **Shortcodes:** Embed passkey login and registration forms on custom frontend
   pages.
 * **Passkey Display:** Show passkey details in admin user lists and profiles.
 * **Multisite:** Supports WordPress Multisite and single-site installations.
 * **Database Optimization:** Option to allow or disallow automatic deletion of 
   old challenge records and activity logs (configurable schedule).

#### Requirements

 * WordPress 6.0 or newer.
 * PHP version 7.4 or newer.

### License

Secure Passkeys is licensed under the GNU General Public License v2 or later.

## Skärmdumpar

 * [[
 * Overview
 * [[
 * Passkeys
 * [[
 * Activity Log
 * [[
 * General Settings
 * [[
 * Display Settings
 * [[
 * Advanced Settings
 * [[
 * Admin Edit Profile and User Page
 * [[
 * Admin Add New Passkey
 * [[
 * Login

## Installation

#### Minimum Requirements

 * PHP 7.4 or greater is recommended
 * MySQL 5.6 or greater is recommended

#### Automatic installation

Automatic installation is the easiest option — WordPress will handles the file transfer,
and you won’t need to leave your web browser. To do an automatic install of Secure
Passkeys, log in to your WordPress dashboard, navigate to the Plugins menu, and 
click “Add New.”

In the search field type “Secure Passkeys” then click “Search Plugins.” Once you’ve
found us, you can view details about it such as the point release, rating, and description.
Most importantly of course, you can install it by! Click “Install Now,” and WordPress
will take it from there.

#### Manual installation

Manual installation method requires downloading the Secure Passkeys plugin and uploading
it to your web server via your favorite FTP application. The WordPress codex contains
[instructions on how to do this here](https://wordpress.org/support/article/managing-plugins/#manual-plugin-installation).

## Vanliga frågor

### How do I enable and configure the Secure Passkeys?

After activating the plugin, a ”Secure Passkeys” menu item will appear in your WordPress
admin dashboard’s sidebar.

### How can I add a new theme for frontend shortcodes?

You can add a custom theme for frontend shortcodes using the `secure_passkeys_themes`
and `secure_passkeys_themes_paths` filters.

**Register the Theme:** Use the `secure_passkeys_themes` filter to register your
new theme and make it available in the plugin settings.

    ```
    <?php

    add_filter('secure_passkeys_themes', function ($themes)
    {
        $themes['new_theme'] = 'New Theme';
        return $themes;
    }, 10, 1);
    ```

**Specify the Theme Path:** Use the `secure_passkeys_themes_paths` filter to define
the file path to your custom theme’s directory.

    ```
    <?php

    add_filter('secure_passkeys_themes_paths', function ($themes)
    {
        $themes['new_theme'] = 'your/path/new/theme/folder';
        return $themes;
    }, 10, 1);
    ```

**Override Template Files:** Copy the template files you wish to customize from `
secure-passkeys/src/views/frontend/default/` to your custom theme’s folder (your/
path/to/new/theme/folder). Any files not copied to your custom theme folder will
be loaded from the plugin’s default theme, providing a fallback mechanism. This 
allows you to customize only the files you need to change.

### How can I redirect users to a custom page after they log in using a passkey?

Yes, you can redirect users after a passkey login by using the `secure_passkeys_login_redirect_url`
filter. You can add the following code snippets to your theme’s `functions.php` 
file.

**Example – Redirect to a Specific URL:**

This example redirects all users to a specific URL after they log in.

    ```
    <?php

    add_filter('secure_passkeys_login_redirect_url', function ($redirect_to) {
        // Redirect users to a custom URL after logging in with a passkey
        return 'https://your-domain.com/your-custom-path';
    });
    ```

**Example – Redirect Based on User Role:**

This example redirects users based on their assigned role.

    ```
    <?php

    add_filter('secure_passkeys_login_redirect_url', function ($redirect_to) {
        $user = wp_get_current_user();

        // Redirect administrators to the WP admin dashboard
        if (in_array('administrator', $user->roles)) {
            return admin_url();
        }

        // Redirect subscribers to a custom dashboard page
        if (in_array('subscriber', $user->roles)) {
            return home_url('/dashboard');
        }

        // Default fallback URL
        return $redirect_to;
    });
    ```

### Are there other filters and actions?

Yes! The plugin offers a variety of filters and actions that allow developers to
customize and extend its functionality. If you’re a developer, we encourage you 
to explore these hooks and tailor the plugin to meet your specific needs.

For a complete list of available hooks and examples, refer to the plugin’s codebase.

## Recensioner

![](https://secure.gravatar.com/avatar/92b7d005d1ba6b94b4e69814a40933f600fdcdcb097f2e1b5e4ae23d53535ee0?
s=60&d=retro&r=g)

### 󠀁[Fantastic plugin](https://wordpress.org/support/topic/fantastic-plugin-2097/)󠁿

 [primerpizza](https://profiles.wordpress.org/primerpizza/) 6 februari 2026

Look no further, this is the best passkey plugin. Kudos to the developer.

![](https://secure.gravatar.com/avatar/2b3163a58500182a7bbd9c42eef38bca0e6b1708109d3c284bcb09823c70c43a?
s=60&d=retro&r=g)

### 󠀁[Best Passkey plugin](https://wordpress.org/support/topic/best-passkey-plugin/)󠁿

 [ingoratsdorf](https://profiles.wordpress.org/ingoratsdorf/) 31 januari 2026

I tested a few. The next best contender needs a PHP module that’s not available 
everywhere, and it stopped working when I upgraded the PHP version to 8.4.THIS plugin
just works like a charm in any shared environment. Works also in combination with
the Automattic Two-Factor plugin. So you get the best of both worlds. The developer
is very responsive and helpful. All open source, hosted on GitHub. This plugin is
now on all my websites.Keep up the good work Mohamed.

![](https://secure.gravatar.com/avatar/7048bb84f69d08e1c0362a1efe413ee43b389c7f9febc3665f259a48bab9bff1?
s=60&d=retro&r=g)

### 󠀁[Register ok / Login not ok](https://wordpress.org/support/topic/register-ok-login-not-ok/)󠁿

 [c00kiekiller](https://profiles.wordpress.org/c00kiekiller/) 26 januari 2026 1 
svar

No function given during login.Passkey can be registered successfully (Windows Hello
fingerprint).But the login itself fails.Error message:Authentication with passkey
failed. Please try again if you want to continue.Authentifizierung mit Passkey fehlgeschlagen.
Bitte versuche es erneut, wenn du fortfahren möchtest.

![](https://secure.gravatar.com/avatar/a31be628f20c69169c9a04727c5873b91e1cea4d0ac2fcd51eb040ad09d993ac?
s=60&d=retro&r=g)

### 󠀁[Solid 5 even with minor issues](https://wordpress.org/support/topic/solid-5-even-with-minor-issues/)󠁿

 [martinfors](https://profiles.wordpress.org/martinfors/) 2 december 2025 3 svar

Just what I needed when I wanted to create my own plugin. However, it has a few 
bugs and minor good-to-haves: If I only activate it on one of the sites in a MultiSite,
it does not work because it relies on the base prefix to be accessed. If I activate
notifications for users, it does not notify on each subdomain in a MultiSite. Since
passkeys are unique for each domain/subdomain this should be fixed. The error, notice
and button in the login form should be formated as native WP tags. I would have 
prefered to hide the settings under Settings in the menu. That is where it belongs.
Still, I will have this as one of the few default external plugins to use for now.

![](https://secure.gravatar.com/avatar/ec6d2be25a07616241d9765e6f221e45efadbfd622546836acbad18ded078a07?
s=60&d=retro&r=g)

### 󠀁[Amazing Plugin!](https://wordpress.org/support/topic/amazing-plugin-2823/)󠁿

 [looneytoons20](https://profiles.wordpress.org/looneytoons20/) 22 november 2025
1 svar

This plugin is amazing and I have nothing but thanks for you! My only concern is
if i install and use this long term, how long do you plan on supporting this plugin?
This plugin is amazing I’m just scared that if I install it and a year down the 
road you decide to drop it, i have to remove the feature from the site and users
that will by then use it.

![](https://secure.gravatar.com/avatar/9d1fa653d93afc14add085bffc3d09a0b3f61fd6a934474f278561ec887f1a94?
s=60&d=retro&r=g)

### 󠀁[Perfect solution](https://wordpress.org/support/topic/perfect-sollution/)󠁿

 [vzsi](https://profiles.wordpress.org/vargazsoltivan/) 3 oktober 2025

Big THANKS!

 [ Läs alla 18 betyg ](https://wordpress.org/support/plugin/secure-passkeys/reviews/)

## Bidragsgivare och utvecklare

”Secure Passkeys” är programvara med öppen källkod. Följande personer har bidragit
till detta tillägg.

Bidragande personer

 *   [ Mohamed Endisha ](https://profiles.wordpress.org/endisha/)

”Secure Passkeys” har översatts till 2 språk. Tack till [översättarna](https://translate.wordpress.org/projects/wp-plugins/secure-passkeys/contributors)
för deras bidrag.

[Översätt ”Secure Passkeys” till ditt språk.](https://translate.wordpress.org/projects/wp-plugins/secure-passkeys)

### Intresserad av programutveckling?

[Läs programkoden](https://plugins.trac.wordpress.org/browser/secure-passkeys/),
kika på [SVN-filförvaret](https://plugins.svn.wordpress.org/secure-passkeys/) eller
prenumerera på [utvecklarloggen](https://plugins.trac.wordpress.org/log/secure-passkeys/)
via [RSS](https://plugins.trac.wordpress.org/log/secure-passkeys/?limit=100&mode=stop_on_copy&format=rss).

## Ändringslogg

#### 1.2.4 2026-01-30

 * Add – Added support for `Heimlane Vault` authenticator with its AAGUID.
 * Fix – Resolved compatibility issues where 2FA plugins would block passkey login.

#### 1.2.3 2025-12-03

 * Add – Added support for `AliasVault` authenticator with its AAGUID.
 * Tweak – Updated `iCloud Keychain` entry to `Apple Passwords` with new icon.

#### 1.2.2 2025-09-17

 * Security – Enhanced permission checks for administrative functions to prevent
   potential unauthorized access.
 * Add – Added support for `initial` authenticator with its AAGUID.
 * Fix – Resolved multiple PHP notices by correcting the improper use of `wpdb::
   prepare()` on static database queries.
 * Tweak – Corrected a typo in the plugin description for proper grammar.

#### 1.2.1 2025-08-21

 * Add – Updated Microsoft Password Manager AAGUID icon.
 * Add – Added Chromium Browser AAGUID icon (previously had no icon).
 * Fix – Fixed “You are not authorized to make this request” error caused by missing
   or empty `HTTP_REFERER`.

#### 1.2.0 2025-08-10

 * Add – Added option to enable/disable passkeys reminder notice in WordPress admin
   for users without passkeys enabled.
 * Add – Added support for Microsoft Password Manager authenticator with its AAGUID.
 * Tweak – Changed excluded roles selection from multiple select dropdown to individual
   checkboxes for better usability.
 * Fix – Improved autoloader class file path handling for better compatibility across
   different operating systems and environments.

#### 1.1.0 2025-08-04

 * Add – Added support for the Ultimate Member plugin.
 * Add – Added an option to automatically generate security key name for new passkeys,
   so users are no longer required to enter one manually.
 * Add – Added an option to disable the logging of user activity.
 * Tweak – Added `extra_wrapper_classes` and `extra_button_classes` attributes to
   the `[secure_passkeys_login_form]` shortcode for easier CSS customization.
 * Fix – Corrected an issue where the `used_at` timestamp for a challenge was not
   being updated correctly in the database.
 * Fix – Removed the `Accept-Encoding` header from the fingerprint calculation to
   prevent potential validation errors.
 * Fix – Improved localization by removing HTML from translatable strings, ensuring
   they can be translated properly.
 * Fix – Resolved a PHP warning on the ”Activity Log” caused by an attempt to process
   a non-existent `is_active` property on log records.

#### 1.0.0 2025-03-05

 * Initial release.

## Meta

 *  Version **1.2.4**
 *  Senast uppdaterat **2 månader sedan**
 *  Aktiva installationer **1 000+**
 *  WordPress-version ** 6.0 eller senare **
 *  Testat upp till **6.9.4**
 *  PHP-version ** 7.4 eller senare **
 *  Språk
 * [English (US)](https://wordpress.org/plugins/secure-passkeys/), [French (France)](https://fr.wordpress.org/plugins/secure-passkeys/)
   och [German](https://de.wordpress.org/plugins/secure-passkeys/).
 *  [Översätt till ditt språk](https://translate.wordpress.org/projects/wp-plugins/secure-passkeys)
 * Etiketter
 * [login](https://sv.wordpress.org/plugins/tags/login/)[passkeys](https://sv.wordpress.org/plugins/tags/passkeys/)
   [passwordless](https://sv.wordpress.org/plugins/tags/passwordless/)[secure](https://sv.wordpress.org/plugins/tags/secure/)
   [webauthn](https://sv.wordpress.org/plugins/tags/webauthn/)
 *  [Avancerad vy](https://sv.wordpress.org/plugins/secure-passkeys/advanced/)

## Betyg

 4.8 av 5 stjärnor.

 *  [  17 5-stjärniga recensioner     ](https://wordpress.org/support/plugin/secure-passkeys/reviews/?filter=5)
 *  [  0 4-stjärniga recensioner     ](https://wordpress.org/support/plugin/secure-passkeys/reviews/?filter=4)
 *  [  0 3-stjärniga recensioner     ](https://wordpress.org/support/plugin/secure-passkeys/reviews/?filter=3)
 *  [  0 2-stjärniga recensioner     ](https://wordpress.org/support/plugin/secure-passkeys/reviews/?filter=2)
 *  [  1 1-stjärnig recension     ](https://wordpress.org/support/plugin/secure-passkeys/reviews/?filter=1)

[Your review](https://wordpress.org/support/plugin/secure-passkeys/reviews/#new-post)

[Se alla recensioner](https://wordpress.org/support/plugin/secure-passkeys/reviews/)

## Bidragande personer

 *   [ Mohamed Endisha ](https://profiles.wordpress.org/endisha/)

## Support

Antal lösta problem under de senaste två månaderna:

     0 av 3

 [Visa supportforum](https://wordpress.org/support/plugin/secure-passkeys/)