=== Multidots Passkey Login – Passwordless Login for WordPress ===
Contributors: Multidots
Tags: passkey, login, passwordless, biometric login , authentication
Requires at least: 6.0
Tested up to: 6.8
Requires PHP: 8.1
Stable tag: 1.1
License: GPL-3.0+
License URI: http://www.gnu.org/licenses/gpl.html

Passwordless login for WordPress with Passkeys. Enable Touch ID, Face ID, and security keys for seamless, phishing-resistant authentication.

== Description ==
**Multidots Passkey Login** – Passwordless Authentication brings next-generation login security to WordPress.

Give your users a **secure and modern login experience** with passkeys — the new standard for **passwordless authentication** supported by all major browsers and devices.

With Multidots Passkey Login, users can log in using **biometric authentication** (Face ID, Touch ID), **Windows Hello, or a device PIN—no passwords are** required.

This creates a **fast, secure, and phishing-resistant** login experience that works seamlessly across desktop and mobile.

[youtube https://youtu.be/snlEpo36Kug]

**Built for Flexibility:**
<ul>
<li>Instantly works for existing WordPress users after registering a passkey.</li>
<li>Simple yet powerful admin settings to manage login behavior and security.</li>
<li>Built on the <strong>FIDO2/WebAuthn standard</strong> trusted by <strong>Apple, Google, and Microsoft</strong>.</li>
</ul>

Perfect for publishers, WooCommerce stores, agency clients, and high-security use cases.

== Key Features ==
**🔐 Secure & Seamless Login**
<ul>
<li>Passwordless login with Touch ID, Face ID, or security keys.</li>
<li>Works instantly for existing users after passkey registration.</li>
</ul>

**📝 Easy User Registration**.
<ul>
<li>Register a passkey for existing users without one.</li>
<li>Create new users directly with passkey registration.</li>
</ul>

**⚙️ Flexible Admin Settings**
<ul>
<li>Enable/Disable passkey login with one click.</li>
<li>Control session timeout for added security.</li>
<li>Multiple authentication options: QR code scan, Chrome guest mode, iCloud Keychain, etc.</li>
<li>Limit number of passkeys per user (e.g., max 2 credentials).</li>
</ul>

**🎨 Frontend Integration**
Shortcodes included:
<ul>
<li> [mdlogin_passkey_login] → Displays a Login with Passkey button.</li>
<li> [mdlogin_passkey_register]  →  Displays passkey registration form.</li>
</ul>

**🛡️ Security Requirements**
<ul>
<li>Requires HTTPS for secure operation</li>
</ul>

== Why Choose the Multidots Passkey Login Plugin
* **Passwordless Security**: Strong protection against phishing and stolen credentials.
* **User-Friendly**: Log in with a single tap or scan—no passwords to remember.
* **Enterprise-Grade Standards**: Built on FIDO2/WebAuthn protocols used by major platforms.
* **Cross-Device Compatibility**: Works on iOS, Android, macOS, and Windows.
* **Trusted Developer**: Created by Multidots, a WordPress VIP Gold Agency.

== How It Works ==
* Activate Plugin – Enable Passkey Login from settings.
* User Registers a Passkey – through profile settings 
* Login Without Passwords – Users authenticate via Touch ID, Face ID, or a security key.
* Admin Controls – Adjust login methods and session policies

== Our Other Plugins ==
* [Sync Product From Amazon](https://wordpress.org/plugins/sync-product-from-amazon/)
* [Smart Post Sync](https://wordpress.org/plugins/smart-post-sync/)
* [Better By Default](https://wordpress.org/plugins/better-by-default/)
* [Centralized Content Management for WordPress Multisite Networks](https://wordpress.org/plugins/centralized-content-management/)
* [MD Governance](https://wordpress.org/plugins/md-governance/)
* [Salsi Sync](https://wordpress.org/plugins/salsisync/)

== Contact Us ==
Free plugin: Need Technical Help? – [Click here](https://wordpress.org/support/plugin/multidots-passkey-login/)
Pro Plugin: PRE-SALE Questions – [Click here](https://www.multidots.com/contact-us/)

== Frequently Asked Questions ==

= What is a Passkey? =
A passkey is a secure credential stored on your device (like Face ID, fingerprint, or PIN). It’s used to log into websites without needing to remember or type a password.

= Do passkeys work on mobile devices? =
Yes! Passkeys work across mobile and desktop. Users can log in using their built-in biometrics or unlock methods.

= Is this plugin compatible with WordPress Multisite? =
Yes. It works smoothly with multisite setups.

= Do I need SSL/HTTPS for this plugin? =
Yes. HTTPS is required for secure operation of passkeys.

= Does it work with existing WordPress accounts? =
Yes. Any user can register a passkey and log in without a password.

= Can I keep normal username/password login active? =
Yes. Traditional login remains unless the admin disables it.

= What devices and browsers are supported? =
Passkeys are supported on all major browsers (Chrome, Safari, Edge) and devices (iOS, Android, macOS, Windows).

= Can I limit the number of passkeys per user? =
Yes. The admin can set how many passkeys each user can register.

= How do I troubleshoot conflicts with other plugins? =
Disable other plugins one by one to identify conflicts. If the issue persists, contact our support team for assistance.

= How do I get support if I face an issue? =
You can post your queries on the WordPress.org support forum for the plugin.

== Screenshots ==
1. 
2.
3. 
4. 
5.

== Changelog ==
= 1.1 - 16.10.2025 =
- Implemented comprehensive input sanitization and validation across all user inputs.
- Added rate limiting to prevent brute force attacks and abuse.
- Enhanced session security with improved management and metadata protection
- Integrated full CSRF token validation to prevent cross-site request forgery.
- Applied multiple security headers to mitigate common web vulnerabilities.
- Minor bug fixes and code refactoring for better maintainability

= 1.0.0 =
- Initial release