• Resolved ika2525

    (@ika2525)


    I would like to implement biometric authentication when users log in. The login page was created using WordPress Elementor/Croc Block.

    Can you achieve the following?
    1. Is it possible to require login only using biometric authentication (facial recognition) set by the user? (I don’t want you to log in unless face authentication is successful = you can’t enter your password either)

    2. When logging in for the first time, the user logs in using biometric authentication. When the same user registers as a member for the second time, I want to reject the biometric authentication used once. This is to prevent the second membership registration from being successful.

    We look forward to your reply.

Viewing 7 replies - 1 through 7 (of 7 total)
  • Plugin Support chandelierrr

    (@shanedelierrr)

    Hi @ika2525, thanks for reaching out! We’re glad you’re interested in implementing the Solid Security Pro’s Passkeys feature, and I’d be happy to answer your questions.

    1. Is it possible to require login only using biometric authentication (facial recognition) set by the user? – This is still not possible with our plugin. The default “login with your password” method will always be present even when the Passkeys feature is activated.

    2. When logging in for the first time, the user logs in using biometric authentication. When the same user registers as a member for the second time, I want to reject the biometric authentication used once. This is to prevent the second membership registration from being successful. – If I understood you correctly, it’s not possible for a user to register again using the same email address and bio auth device. However, they can register using the same device if they use a different email address.

    Hope this helps, and let me know if you have other questions!

    Thread Starter ika2525

    (@ika2525)

    Thank you for your reply!

    1. Is it difficult to use two-factor authentication to require only a password for the first time and only face recognition for the second time?

    2. Is SMS authentication possible with this Pro?

    Also, I understand that it is possible to register the same biometric authentication by changing the email address, but is this also true for the phone number?

    Plugin Support chandelierrr

    (@shanedelierrr)

    Hi @ika2525, you’re welcome!

    1. Yes. It’s not possible to enable the 2FA feature and require a password the first time only, then require Passkeys (biometrics) the second time.

    2. No, the plugin does not offer SMS as a 2FA method. The 2FA methods supported are Email, Mobile Authenticator Apps, and Backup Codes.

    To clarify, 2FA and Passkeys are different security features. To enable Passkeys, you’ll need to enable the Passwordless Login feature first. Once enabled, the users can log in either with Passwordless Login (Passkeys/Magic Link) or the traditional password method. 

    The 2FA feature is another thing, and when using the Pro plugin, you can set it to be: 

    • always required 
    • required but allow 2FA bypass when users use Passwordless Login 
    • not required

    Hope this helps!

    Thread Starter ika2525

    (@ika2525)

    1. Is it possible to only require login using user-configured biometrics (facial recognition)? – This is not yet possible with the plugin. The default “Log in with password” method is always present even when the passkey feature is enabled.↓

    I understand that password authentication is required even if passkey authentication is enabled, but is it possible to use password authentication the first time and biometric authentication (face recognition) the second time? For example, is it possible to prevent login if biometric authentication cannot be cleared after password authentication is successful? Or does it mean password authentication in case biometric authentication cannot be cleared?

    2. When logging in for the first time, the user logs in using biometrics. When the same user registers as a member for the second time, I want to reject the biometric authentication that was used once. This is to ensure that your second membership registration is not successful. – If I understand correctly, a user cannot re-register using the same email address and biometric device. However, if you use a different email address, you can register using the same device.

    If the email address and biometric authentication (facial authentication) are the same, you will not be able to register as a user for the second time, but is that when you register as a member? Or when logging in? Also, I am using Crocoblock’s Jet Form Builder for user registration, is this possible? The login form will also be created here.

    3. Also, could you please tell me what steps users can take to register face recognition etc.? If you have a guide, please let me know its URL.

    Thread Starter ika2525

    (@ika2525)

    Please let me ask you an additional question.
    https://solidwp.com/blog/passkeys-biometric-login-wordpress/?irclickid=x-6zR7RrYxyPWx9R6ZVK32KiUkH0H4XB7XxW3U0&irpid=2710523&utm_medium=affiliate&irgwc=1
    I checked this.

    Email address verification
    passkey authentication
    or
    Password authentication

    Although it says,

    1. Does this mean that only email address authentication + passkey authentication or password authentication is required for login?
    2. Also, is it possible to prevent the passkey (face recognition) from being changed once it has been registered on the same account?
    Thread Starter ika2525

    (@ika2525)

    With the passkey face authentication, I think with an iPhone, if you fail face authentication several times, you will be asked for your iPhone password, but will it still pass?

    Plugin Support chandelierrr

    (@shanedelierrr)

    Hi @ika2525, I think there is a bit of confusion here and I’ll do my best to explain things clearly.

    1. No. Password is not required when users choose the Passkey method when logging in. I meant that if you enabled the Passkeys feature, the users would see both the Passkeys and default password login methods. When logging in, they will only choose one method. If they choose Passkeys, they won’t be asked for their password anymore. To give you an idea, here is what a user sees when they log in: https://share.zight.com/YEuJg6Re.

    Still, it is not possible to configure the plugin in a way where only the Passkeys method will show. It’s also not possible to configure it so that they can only use the Passkeys method the second time they log in.

    If they cannot pass their login 5x in a row (whichever login method), Solid Security will lock them out for 15mins (by default), and if they get locked out 3x, they will be added to the banned list.

    Or does it mean password authentication in case biometric authentication cannot be cleared? – If they cannot successfully log in using Passkeys, they can use the traditional password login instead.

    2. It is during registration because, by default, WordPress does not allow multiple user accounts with the same email address. I believe this still applies even with Crocoblock’s Jet Form Builder for user registration.

    3. Please check out our articles regarding Passkeys here: Passkeys.

    4. Only one method is required for logging in, depending on the user.

    5. It is not possible to prevent the registered Passkeys from being changed. The users can manage (update) their Passkeys from their User Profile page.

    6. With the passkey face authentication, I think with an iPhone, if you fail face authentication several times, you will be asked for your iPhone password, but will it still pass? – Yes, if they fail face ID and get prompted with the passcode, it will pass.

    Hope this helps!
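
Point 6 in the reply above follows from how WebAuthn (the protocol behind passkeys) reports user verification: the assertion carries a single "user verified" flag, not which method satisfied it. An added example, not from the thread or from Solid Security's code, that parses the authenticator data header; the sample bytes and the `meetsPolicy` helper are constructed for illustration.

```javascript
// Flag bits in the WebAuthn authenticator data flags byte (offset 32).
const FLAG_UP = 0x01; // user present
const FLAG_UV = 0x04; // user verified (biometric OR device PIN/passcode)

// Parse the fixed 37-byte header: rpIdHash(32) | flags(1) | signCount(4, big-endian).
function parseAuthenticatorData(bytes) {
  if (!(bytes instanceof Uint8Array) || bytes.length < 37) {
    throw new Error("authenticator data must be at least 37 bytes");
  }
  const view = new DataView(bytes.buffer, bytes.byteOffset, bytes.byteLength);
  const flags = bytes[32];
  return {
    rpIdHash: bytes.slice(0, 32),
    userPresent: (flags & FLAG_UP) !== 0,
    userVerified: (flags & FLAG_UV) !== 0,
    signCount: view.getUint32(33, false),
  };
}

// Hypothetical server-side policy check: the most a relying party can
// demand is UV=1. There is no bit saying "face" versus "passcode".
function meetsPolicy(parsed, requireUserVerification) {
  if (!parsed.userPresent) return false;
  return !requireUserVerification || parsed.userVerified;
}

// Constructed sample data (not captured from a real device).
function sample(flags, signCount) {
  const out = new Uint8Array(37);
  out.fill(0xab, 0, 32); // placeholder standing in for SHA-256(rpId)
  out[32] = flags;
  new DataView(out.buffer).setUint32(33, signCount, false);
  return out;
}

const faceUnlock = parseAuthenticatorData(sample(FLAG_UP | FLAG_UV, 7));
const passcodeFallback = parseAuthenticatorData(sample(FLAG_UP | FLAG_UV, 8));
const presenceOnly = parseAuthenticatorData(sample(FLAG_UP, 9));

// Face unlock and passcode fallback are indistinguishable to the server.
console.log(meetsPolicy(faceUnlock, true), meetsPolicy(passcodeFallback, true));
// A tap without verification is the only case a UV-required policy rejects.
console.log(meetsPolicy(presenceOnly, true));
```

A site that needs assurance about the specific person, rather than about possession of an unlocked device, has to add that check outside the passkey ceremony.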

  • The topic ‘About biometric authentication’ is closed to new replies.