{"id":306810,"date":"2026-06-11T01:39:48","date_gmt":"2026-06-11T01:39:48","guid":{"rendered":"https:\/\/wordpress.org\/plugins\/passkey-plus\/"},"modified":"2026-07-08T22:58:33","modified_gmt":"2026-07-08T22:58:33","slug":"advanced-passkey-login","status":"publish","type":"plugin","link":"https:\/\/cl.wordpress.org\/plugins\/advanced-passkey-login\/","author":23490962,"comment_status":"closed","ping_status":"closed","template":"","meta":{"version":"1.1.11","stable_tag":"1.1.11","tested":"7.0","requires":"6.0","requires_php":"8.0","requires_plugins":null,"header_name":"Advanced Passkeys for Secure Login","header_author":"wppasskey","header_description":"Advanced Passkeys for Secure Login enables passwordless passkey login for WordPress. Supports Face ID, Touch ID, Windows Hello, YubiKey, and more.","assets_banners_color":"534c72","last_updated":"2026-07-08 22:58:33","external_support_url":"","external_repository_url":"","donate_link":"","header_plugin_uri":"https:\/\/wordpress.org\/plugins\/advanced-passkey-login\/","header_author_uri":"https:\/\/profiles.wordpress.org\/mbuiux\/","rating":0,"author_block_rating":0,"active_installs":0,"downloads":300,"num_ratings":0,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":{"1.1.10":{"tag":"1.1.10","author":"wppasskey","date":"2026-06-24 14:04:48"},"1.1.11":{"tag":"1.1.11","author":"wppasskey","date":"2026-07-08 22:58:33"},"1.1.5":{"tag":"1.1.5","author":"wppasskey","date":"2026-06-11 01:39:17"},"1.1.6":{"tag":"1.1.6","author":"wppasskey","date":"2026-06-11 18:14:52"},"1.1.7":{"tag":"1.1.7","author":"wppasskey","date":"2026-06-16 14:38:33"},"1.1.8":{"tag":"1.1.8","author":"wppasskey","date":"2026-06-18 23:24:17"},"1.1.9":{"tag":"1.1.9","author":"wppasskey","date":"2026-06-18 23:30:03"}},"upgrade_notice":{"1.1.11":"<p>Recommended update: improves passkey login guidance, refreshes the sign-in button icon, and fixes admin toggle rendering.<\/p>"},"ratings":[],"assets_icons":{"icon.svg":{"filename":"icon.svg","revision":3568208,"resolution":false,"location":"assets","locale":false}},"assets_banners":{"banner-1544x500.png":{"filename":"banner-1544x500.png","revision":3568208,"resolution":"1544x500","location":"assets","locale":"","width":1544,"height":500},"banner-772x250.png":{"filename":"banner-772x250.png","revision":3568208,"resolution":"772x250","location":"assets","locale":"","width":772,"height":250}},"assets_blueprints":{},"all_blocks":{"advanced-passkey-login\/login-button":{"name":"advanced-passkey-login\/login-button","title":"Passkey Login Button"},"advanced-passkey-login\/register-button":{"name":"advanced-passkey-login\/register-button","title":"Passkey Register Button"},"advanced-passkey-login\/passkey-profile":{"name":"advanced-passkey-login\/passkey-profile","title":"Account Passkeys"},"advanced-passkey-login\/setup-prompt":{"name":"advanced-passkey-login\/setup-prompt","title":"Passkey Setup Prompt"}},"tagged_versions":["1.1.10","1.1.11","1.1.5","1.1.6","1.1.7","1.1.8","1.1.9"],"block_files":[],"assets_screenshots":{"screenshot-1.jpeg":{"filename":"screenshot-1.jpeg","revision":3568208,"resolution":"1","location":"assets","locale":"","width":2598,"height":2262},"screenshot-2.png":{"filename":"screenshot-2.png","revision":3568208,"resolution":"2","location":"assets","locale":"","width":2616,"height":4346},"screenshot-3.png":{"filename":"screenshot-3.png","revision":3568208,"resolution":"3","location":"assets","locale":"","width":2602,"height":3068},"screenshot-4.png":{"filename":"screenshot-4.png","revision":3568208,"resolution":"4","location":"assets","locale":"","width":2614,"height":3286},"screenshot-5.png":{"filename":"screenshot-5.png","revision":3569270,"resolution":"5","location":"assets","locale":"","width":2996,"height":1713},"screenshot-6.png":{"filename":"screenshot-6.png","revision":3568208,"resolution":"6","location":"assets","locale":"","width":878,"height":1200},"screenshot-7.png":{"filename":"screenshot-7.png","revision":3568208,"resolution":"7","location":"assets","locale":"","width":848,"height":1186}},"screenshots":{"1":"The unified site security dashboard panel tracking passkey performance metrics, active provider charts, and live login logs.","2":"The core configuration settings view showing role management selections, biometric behaviors, and integrated platform switches.","3":"The advanced developer configuration panel exposing parameters for WebAuthn RP IDs, token lifetimes, and security connection locks.","4":"The helper copy dashboard offering copy-ready Gutenberg module paths and complete shortcode templates for clean site layout assembly.","5":"The frontend User Profile responsive administration panel where site users manage, name, and revoke credentials.","6":"The standard core WordPress login layout showing the passkey sign-in button below the password form.","7":"The returning user login state demonstrating the Last used device indicator pill for returning passkey users."}},"plugin_section":[],"plugin_tags":[602,222353,9223,600,183349],"plugin_category":[38,54],"plugin_contributors":[266600,266599],"plugin_business_model":[],"class_list":["post-306810","plugin","type-plugin","status-publish","hentry","plugin_tags-login","plugin_tags-passkeys","plugin_tags-passwordless","plugin_tags-security","plugin_tags-webauthn","plugin_category-authentication","plugin_category-security-and-spam-protection","plugin_contributors-mbuiux","plugin_contributors-wppasskey","plugin_committers-wppasskey"],"banners":{"banner":"https:\/\/ps.w.org\/advanced-passkey-login\/assets\/banner-772x250.png?rev=3568208","banner_2x":"https:\/\/ps.w.org\/advanced-passkey-login\/assets\/banner-1544x500.png?rev=3568208","banner_rtl":false,"banner_2x_rtl":false},"icons":{"svg":"https:\/\/ps.w.org\/advanced-passkey-login\/assets\/icon.svg?rev=3568208","icon":"https:\/\/ps.w.org\/advanced-passkey-login\/assets\/icon.svg?rev=3568208","icon_2x":false,"generated":false},"screenshots":[{"src":"https:\/\/ps.w.org\/advanced-passkey-login\/assets\/screenshot-1.jpeg?rev=3568208","caption":"The unified site security dashboard panel tracking passkey performance metrics, active provider charts, and live login logs."},{"src":"https:\/\/ps.w.org\/advanced-passkey-login\/assets\/screenshot-2.png?rev=3568208","caption":"The core configuration settings view showing role management selections, biometric behaviors, and integrated platform switches."},{"src":"https:\/\/ps.w.org\/advanced-passkey-login\/assets\/screenshot-3.png?rev=3568208","caption":"The advanced developer configuration panel exposing parameters for WebAuthn RP IDs, token lifetimes, and security connection locks."},{"src":"https:\/\/ps.w.org\/advanced-passkey-login\/assets\/screenshot-4.png?rev=3568208","caption":"The helper copy dashboard offering copy-ready Gutenberg module paths and complete shortcode templates for clean site layout assembly."},{"src":"https:\/\/ps.w.org\/advanced-passkey-login\/assets\/screenshot-5.png?rev=3569270","caption":"The frontend User Profile responsive administration panel where site users manage, name, and revoke credentials."},{"src":"https:\/\/ps.w.org\/advanced-passkey-login\/assets\/screenshot-6.png?rev=3568208","caption":"The standard core WordPress login layout showing the passkey sign-in button below the password form."},{"src":"https:\/\/ps.w.org\/advanced-passkey-login\/assets\/screenshot-7.png?rev=3568208","caption":"The returning user login state demonstrating the Last used device indicator pill for returning passkey users."}],"raw_content":"<!--section=description-->\n<p>Passwords are the single biggest security liability for your WordPress site. They get leaked, reused, and exploited by automated brute-force attacks every single day. While standard Two-Factor Authentication (2FA) adds a layer of safety, typing in temporary codes from SMS or authenticator apps introduces annoying workflow friction that hurts user adoption and slows down your day.<\/p>\n\n<p><strong>Advanced Passkeys for Secure Login<\/strong> brings the future of un-phishable, lightning-fast authentication directly to WordPress using the official FIDO2 \/ WebAuthn standard.<\/p>\n\n<p>Give your users a modern login experience. Users register a secure passkey just once using their device's built-in biometric sensor (Face ID, Touch ID, Windows Hello), device PIN, or a hardware security key (like a YubiKey). Future sign-ins can bypass traditional password fields and reduce credential-theft risk.<\/p>\n\n<h3>Out-of-the-Box WooCommerce &amp; Membership Integrations<\/h3>\n\n<p>Don't settle for basic alternatives that only support the default backend login page. Advanced Passkeys features intelligent, dependency-aware integration modules that automatically inject secure passkey entry points into your existing platform ecosystem. Experience seamless, zero-configuration support for:\n* <strong>WooCommerce<\/strong> (Secure checkout &amp; customer account login)\n* <strong>MemberPress<\/strong> &amp; <strong>Paid Memberships Pro (PMPro)<\/strong> (Frictionless member portal protection)\n* <strong>LearnDash<\/strong> (Instant student sign-in to prevent account sharing)\n* <strong>Ultimate Member<\/strong> &amp; <strong>BuddyBoss<\/strong> (Biometric profiles for modern communities)\n* <strong>Gravity Forms<\/strong> (Protected frontend user-registration flows)<\/p>\n\n<h3>Why Smart Site Owners Choose Passkeys<\/h3>\n\n<ul>\n<li><strong>Strong Phishing Resistance:<\/strong> Passkeys are cryptographically bound to your specific domain name. A fake login page or copycat site cannot reuse a passkey issued for your real site.<\/li>\n<li><strong>Reduce Brute-Force Risk:<\/strong> Passkey login does not rely on a static password being typed into the login form, reducing exposure to automated password-guessing attacks.<\/li>\n<li><strong>Painless Cross-Device Sync:<\/strong> Works natively with iCloud Keychain, Google Password Manager, and 1Password for reliable, frictionless cross-device access across desktop, mobile, and tablet.<\/li>\n<\/ul>\n\n<h3>Features<\/h3>\n\n<ul>\n<li><strong>One-Click Passwordless Authentication:<\/strong> Adds a native, highly visible \"Sign in with Passkey\" button directly to your core WordPress login screens.<\/li>\n<li><strong>Conditional UI Autofill Support:<\/strong> Offers optional browser-native passkey autofill prompts when a user focuses on the username field for an incredibly polished user experience.<\/li>\n<li><strong>Ecosystem-Aware Gutenberg Blocks &amp; Shortcodes:<\/strong> Automatically registers matching frontend login cards and components specifically tailored to your active third-party plugins.<\/li>\n<li><strong>High-Yield Admin Nudge Notices:<\/strong> Turn on built-in dashboard reminders that gently guide eligible users to secure their accounts with a passkey without administrator intervention.<\/li>\n<li><strong>Granular Role-Based Security Policies:<\/strong> Configure exactly which user roles are permitted to use biometric authentication (Default: Administrators-only out of the box).<\/li>\n<li><strong>Developer-Managed Overrides:<\/strong> Manage passkey settings in PHP using the centralized <code>advapafo_local_configuration<\/code> filter or the <code>ADVAPAFO_SETTINGS<\/code> constant.<\/li>\n<li><strong>Theme Template Customization:<\/strong> Seamlessly match your active brand by overriding the login button template layout via <code>\/advanced-passkeys\/login\/button.php<\/code> inside your child theme.<\/li>\n<li><strong>Advanced Analytics Dashboard:<\/strong> Track credential performance over time with a live Authenticator Overview breakdown card and a Last Login audit trail log.<\/li>\n<li><strong>Hardened Brute-Force Rate Limiting:<\/strong> Enforce strict local connection limits to log and block malicious behavior, backed by automated daily cleanup crons to keep your database lean.<\/li>\n<li><strong>Multisite Network Provisioning:<\/strong> Network-aware architecture instantly partitions tables dynamically and inherits security guardrails across newly deployed network sites.<\/li>\n<li><strong>Clean Housekeeping Routine:<\/strong> Implements a strict, responsible uninstall function that leaves behind absolutely zero orphaned database tables or leftover configuration choices.<\/li>\n<\/ul>\n\n<h3>Developer Configuration<\/h3>\n\n<p>Advanced Passkeys supports code-managed configuration for developers, agencies, and infrastructure teams that deploy settings through version control. This helps apply the same passkey policy across many sites without manual option changes.<\/p>\n\n<h4>Configuration evaluation priority order<\/h4>\n\n<p>When resolving a configuration key, the plugin respects this strict top-down hierarchy:<\/p>\n\n<ol>\n<li>Centralized <code>advapafo_local_configuration<\/code> hook filter<\/li>\n<li>Global <code>ADVAPAFO_SETTINGS<\/code> array constant definition<\/li>\n<li>Site-level <code>advapafo_settings<\/code> option array map<\/li>\n<li>Single historical legacy <code>advapafo_*<\/code> options<\/li>\n<li>Core plugin out-of-the-box system defaults<\/li>\n<\/ol>\n\n<p>Values resolve individually by index key. Overriding a key like <code>login_challenge_ttl<\/code> via code leaves your remaining settings completely manageable via the dashboard UI or database choices.<\/p>\n\n<h4>Example: Enforce HTTPS and restrict passkey enrollment to administrators<\/h4>\n\n<p>Drop this configuration array inside your active theme's functions file or a custom functionality plugin:<\/p>\n\n<pre><code>&lt;?php\nadd_filter(\n    'advapafo_local_configuration',\n    static function ( array $configuration ): array {\n        return array_replace(\n            $configuration,\n            array(\n                'enforce_https'  =&gt; true,\n                'eligible_roles' =&gt; array( 'administrator' ),\n            )\n        );\n    }\n);\n<\/code><\/pre>\n\n<h4>Example: Global array constant configuration within wp-config.php<\/h4>\n\n<p>For automated environments that favor infrastructure-level array maps, define this constant:<\/p>\n\n<pre><code>define(\n    'ADVAPAFO_SETTINGS',\n    array(\n        'conditional_ui_enabled'     =&gt; true,\n        'login_challenge_ttl'        =&gt; 300,\n        'registration_challenge_ttl' =&gt; 300,\n        'max_passkeys_per_user'      =&gt; 0,\n    )\n);\n<\/code><\/pre>\n\n<!--section=installation-->\n<h4>Automatic installation<\/h4>\n\n<ol>\n<li>In your WordPress dashboard, navigate to <strong>Plugins &gt; Add New<\/strong>.<\/li>\n<li>Search for <strong>Advanced Passkeys for Secure Login<\/strong>.<\/li>\n<li>Click <strong>Install Now<\/strong> and then click <strong>Activate<\/strong>.<\/li>\n<li>Navigate to <strong>Settings &gt; Advanced Passkeys<\/strong> to fine-tune your security configuration.<\/li>\n<\/ol>\n\n<h4>Manual installation<\/h4>\n\n<ol>\n<li>Download the plugin ZIP archive file from WordPress.org.<\/li>\n<li>In your dashboard, go to <strong>Plugins &gt; Add New &gt; Upload Plugin<\/strong> and choose the downloaded file.<\/li>\n<li>Click <strong>Activate<\/strong>.<\/li>\n<li>Navigate to <strong>Settings &gt; Advanced Passkeys<\/strong> to get started.<\/li>\n<\/ol>\n\n<h4>Quick Start Onboarding Guide<\/h4>\n\n<ol>\n<li>Head to <strong>Settings &gt; Advanced Passkeys<\/strong> \u2014 confirm passkeys are enabled and review your allowed user roles.<\/li>\n<li>Navigate directly to <strong>Users &gt; Your Profile<\/strong> and register your first passkey.<\/li>\n<li>Sign out of your dashboard to confirm the secure <strong>Sign in with Passkey<\/strong> button appears below the password form.<\/li>\n<li><em>Pro Tip:<\/em> Register a secondary backup passkey (such as a mobile device or physical hardware key) to ensure you have a fallback access path.<\/li>\n<\/ol>\n\n<h4>Local Development &amp; Staging Environments<\/h4>\n\n<p>The official WebAuthn protocol strictly mandates a secure connection context (HTTPS) in production. To protect your site, the plugin blocks live passkey validation over unsecured HTTP web connections.<\/p>\n\n<p>If you are a developer testing locally on a development server environment without a local SSL certificate installed, you can easily bypass this security restriction by defining this helper flag inside your local <code>wp-config.php<\/code> file:<\/p>\n\n<pre><code>define( 'ADVAPAFO_ALLOW_HTTP', true ); *(Warning: Never define this configuration constant on a live production environment!)*\n<\/code><\/pre>\n\n<!--section=faq-->\n<dl>\n<dt id=\"does%20this%20replace%20standard%20wordpress%20passwords%20entirely%3F\"><h3>Does this replace standard WordPress passwords entirely?<\/h3><\/dt>\n<dd><p>No. Passkeys function as a high-security alternative login method. Users retain their standard WordPress password as a fallback authentication method if their passkey device is missing or unavailable.<\/p><\/dd>\n<dt id=\"does%20this%20plugin%20require%20an%20active%20ssl%20certificate%20%28https%29%3F\"><h3>Does this plugin require an active SSL Certificate (HTTPS)?<\/h3><\/dt>\n<dd><p>Yes, in live production environments. Secure biometric authentication requires an encrypted HTTPS context to communicate safely with authenticators. To preview features locally via standard HTTP, please refer to the local development instructions outlined in the Installation section.<\/p><\/dd>\n<dt id=\"can%20developers%20manage%20passkey%20policies%20directly%20in%20code%3F\"><h3>Can developers manage passkey policies directly in code?<\/h3><\/dt>\n<dd><p>Yes, seamlessly. Agency teams and developers can manage the plugin's complete option array using the centralized <code>advapafo_local_configuration<\/code> filter or the global <code>ADVAPAFO_SETTINGS<\/code> PHP array constant. Setting your policy in code locks the matching WordPress admin dashboard control, displaying a clear <strong>Managed via code<\/strong> status flag to prevent configuration drift.<\/p><\/dd>\n<dt id=\"which%20major%20browsers%2C%20platforms%2C%20and%20biometric%20devices%20are%20supported%3F\"><h3>Which major browsers, platforms, and biometric devices are supported?<\/h3><\/dt>\n<dd><p>Any operating system and browser that supports modern WebAuthn standards (supported by all primary vendors since 2022). This covers Apple Safari, Google Chrome, Mozilla Firefox, and Microsoft Edge across macOS, iOS, Windows Hello biometrics, Android fingerprint scanners, and physical FIDO2\/U2F keys like YubiKeys.<\/p><\/dd>\n<dt id=\"can%20i%20restrict%20passkey%20creation%20to%20specific%20user%20roles%3F\"><h3>Can I restrict passkey creation to specific user roles?<\/h3><\/dt>\n<dd><p>Yes. Navigate to <strong>Settings &gt; Advanced Passkeys &gt; Eligible Roles<\/strong> to limit access. The plugin defaults to Administrators only, and you can enable passkey access for Subscribers, Customers, or custom membership roles as needed.<\/p><\/dd>\n<dt id=\"which%20dynamic%20shortcodes%20are%20packaged%20with%20the%20plugin%3F\"><h3>Which dynamic shortcodes are packaged with the plugin?<\/h3><\/dt>\n<dd><p><strong>Global Core Shortcodes:<\/strong>\n* <code>[advapafo_login_button]<\/code> \u2014 Renders the standalone passkey login button.\n* <code>[advapafo_register_button]<\/code> \u2014 Places a passkey enrollment trigger on any frontend layout.\n* <code>[advapafo_passkey_profile]<\/code> \u2014 Displays a full credential management table for logged-in profiles.\n* <code>[advapafo_passkey_prompt]<\/code> \u2014 Embeds an interactive onboarding registration area.<\/p>\n\n<p><strong>Ecosystem Integration Shortcodes:<\/strong> (Automatically responsive when companion plugins are active)\n* <code>[advapafo_woocommerce_login]<\/code>\n* <code>[advapafo_edd_login]<\/code>\n* <code>[advapafo_memberpress_login]<\/code>\n* <code>[advapafo_ultimate_member_login]<\/code>\n* <code>[advapafo_learndash_login]<\/code>\n* <code>[advapafo_buddyboss_login]<\/code>\n* <code>[advapafo_gravityforms_login]<\/code>\n* <code>[advapafo_pmp_login]<\/code><\/p><\/dd>\n<dt id=\"which%20integrated%20gutenberg%20blocks%20are%20available%3F\"><h3>Which integrated Gutenberg Blocks are available?<\/h3><\/dt>\n<dd><p>When an ecosystem dependency is active on your site, the plugin registers optimized, native core editor blocks:\n* <code>advanced-passkey-login\/woocommerce-login-card<\/code>\n* <code>advanced-passkey-login\/edd-login-card<\/code>\n* <code>advanced-passkey-login\/memberpress-login-card<\/code>\n* <code>advanced-passkey-login\/ultimate-member-login-card<\/code>\n* <code>advanced-passkey-login\/learndash-login-card<\/code>\n* <code>advanced-passkey-login\/buddyboss-login-card<\/code>\n* <code>advanced-passkey-login\/gravityforms-login-card<\/code>\n* <code>advanced-passkey-login\/pmp-login-card<\/code><\/p><\/dd>\n<dt id=\"what%20system%20php%20extensions%20must%20be%20active%20on%20my%20server%20hosting%3F\"><h3>What system PHP extensions must be active on my server hosting?<\/h3><\/dt>\n<dd><p>The plugin runs on standard, lightweight modern server components requiring the <code>openssl<\/code>, <code>mbstring<\/code>, and <code>json<\/code> extensions. These packages are pre-compiled and running out of the box on nearly all managed WordPress web hosts.<\/p><\/dd>\n<dt id=\"is%20the%20plugin%20fully%20wordpress%20multisite%20network%20compatible%3F\"><h3>Is the plugin fully WordPress Multisite network compatible?<\/h3><\/dt>\n<dd><p>Yes. Database tables partition dynamically across your network using <code>$wpdb-&gt;prefix<\/code>. Network activation provisions the plugin tables for existing sites and newly created network sites.<\/p><\/dd>\n<dt id=\"can%20i%20use%20a%20custom%20relying%20party%20id%20%28rp%20id%29%20for%20complex%20subdomain%20setups%3F\"><h3>Can I use a custom Relying Party ID (RP ID) for complex subdomain setups?<\/h3><\/dt>\n<dd><p>Yes. For compatible subdomain setups, declare your root domain within your site's <code>wp-config.php<\/code> file:\n    define( 'ADVAPAFO_RP_ID', 'yourdomain.com' );<\/p><\/dd>\n<dt id=\"can%20i%20override%20the%20passkey%20login%20button%20html%20templates%20in%20my%20theme%20files%3F\"><h3>Can I override the passkey login button HTML templates in my theme files?<\/h3><\/dt>\n<dd><p>Yes. Copy the plugin's internal markup template directly into your theme's active folder structure:\n    \/wp-content\/themes\/your-active-theme\/advanced-passkeys\/login\/button.php<\/p><\/dd>\n<dt id=\"what%20happens%20to%20my%20database%20data%20if%20i%20delete%20the%20plugin%3F\"><h3>What happens to my database data if I delete the plugin?<\/h3><\/dt>\n<dd><p>Deactivating the plugin preserves passkey records and settings. Running the default WordPress delete routine removes the plugin's credential, rate-limit, and log tables alongside matching <code>advapafo_*<\/code> configuration rows.<\/p><\/dd>\n\n<\/dl>\n\n<!--section=changelog-->\n<h4>1.1.11<\/h4>\n\n<ul>\n<li>Improved: username-free passkey sign-in now shows clearer fallback guidance when a browser or authenticator does not support discoverable credentials.<\/li>\n<li>Improved: passkey sign-in button now uses a refreshed user\/key icon.<\/li>\n<li>Fixed: admin switch checkbox rendering avoids native checkbox bleed-through in custom toggle controls.<\/li>\n<\/ul>\n\n<h4>1.1.10<\/h4>\n\n<ul>\n<li>Added: code-managed local configuration via <code>advapafo_local_configuration<\/code> and <code>ADVAPAFO_SETTINGS<\/code>.<\/li>\n<li>Added: admin UI indicators and locked controls for settings managed by code.<\/li>\n<li>Improved: developer configuration filters now resolve through the centralized settings getter for cleaner policy management.<\/li>\n<li>Fixed: conditional UI login elements now remain hidden consistently when conditional UI is enabled.<\/li>\n<li>Improved: authenticator provider reporting resolves legacy credential\/log payload variants more reliably.<\/li>\n<li>Improved: registration errors now show friendlier passkey guidance for browser invalid-state failures.<\/li>\n<\/ul>\n\n<h4>1.1.9<\/h4>\n\n<ul>\n<li>Improved: admin footer link styling and rating stars visibility for the settings screen.<\/li>\n<\/ul>\n\n<h4>1.1.8<\/h4>\n\n<ul>\n<li>Fixed: passkey revoke reliability across compatibility credential tables.<\/li>\n<li>Improved: authenticator provider normalization and typo tolerance for brand labeling.<\/li>\n<li>Improved: reporting metadata normalization for authenticator detection.<\/li>\n<\/ul>\n\n<h4>1.1.7<\/h4>\n\n<ul>\n<li>Improved: aligned plugin header author metadata with readme contributors.<\/li>\n<\/ul>\n\n<h4>1.1.6<\/h4>\n\n<ul>\n<li>Improved: include WordPress.org assets directory in release source so banners, icon, and screenshots deploy via SVN automation.<\/li>\n<\/ul>\n\n<h4>1.1.5<\/h4>\n\n<ul>\n<li>Improved: sanitize-early handling for transports and credential request inputs.<\/li>\n<li>Improved: stricter nonce-gated debug query handling in settings.<\/li>\n<li>Improved: output escaping hardening for integration-rendered markup and dynamic admin classes.<\/li>\n<li>Improved: release and quality workflow validation guardrails (actionlint gate).<\/li>\n<\/ul>\n\n<h4>1.1.4<\/h4>\n\n<ul>\n<li>Added: Dashboard tab with an Authenticator Overview card.<\/li>\n<li>Added: Last Login activity card in the Dashboard tab.<\/li>\n<li>Improved: nonce and capability enforcement across sensitive request handlers.<\/li>\n<li>Improved: release packaging workflow with strict file allowlist validation.<\/li>\n<li>Fixed: release automation now publishes real GitHub releases with attached installable ZIP.<\/li>\n<\/ul>\n\n<h4>1.1.2<\/h4>\n\n<ul>\n<li>Added: integration manager for popular ecosystem plugins with dependency-aware module loading.<\/li>\n<li>Added: integration-specific shortcodes and Gutenberg blocks.<\/li>\n<li>Added: integration controls in settings with installed\/not installed indicators.<\/li>\n<li>Added: shortcode quick-start helper and improved shortcode documentation in admin UI.<\/li>\n<li>Changed: removed legacy shortcode alias registrations and related legacy copy.<\/li>\n<li>Changed: refreshed docs and translation template strings for current shortcode names.<\/li>\n<\/ul>\n\n<h4>1.1.1<\/h4>\n\n<ul>\n<li>Updated: plugin name and user-facing references to \"Advanced Passkeys for Secure Login\".<\/li>\n<li>Updated: settings\/UI copy to use the full plugin name.<\/li>\n<\/ul>\n\n<h4>1.1.0<\/h4>\n\n<ul>\n<li>Added: dismissible \"set up your passkey\" nudge notice for eligible users.<\/li>\n<li>Added: Passkeys column in the admin Users list showing count per user.<\/li>\n<li>Added: Scheduled daily cleanup of expired rate-limit rows and old log entries.<\/li>\n<li>Added: Challenge timeout setting in Settings &gt; Advanced Passkeys for Secure Login &gt; Advanced.<\/li>\n<li>Added: Login redirect URL field in settings (fallback after passkey login).<\/li>\n<li>Added: <code>[advapafo_login_button]<\/code> and <code>[advapafo_register_button]<\/code> shortcodes.<\/li>\n<li>Added: Log retention period setting (days).<\/li>\n<li>Improved: <code>get_challenge_ttl()<\/code> now reads from the settings UI.<\/li>\n<\/ul>\n\n<h4>1.0.0<\/h4>\n\n<ul>\n<li>Initial release.<\/li>\n<\/ul>","raw_excerpt":"Add secure passwordless passkey login with Face ID, Touch ID, Windows Hello, and hardware keys.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/cl.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/306810","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cl.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/cl.wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/cl.wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=306810"}],"author":[{"embeddable":true,"href":"https:\/\/cl.wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/wppasskey"}],"wp:attachment":[{"href":"https:\/\/cl.wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=306810"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/cl.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=306810"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/cl.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=306810"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/cl.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=306810"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/cl.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=306810"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/cl.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=306810"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}