Plugin Author
Axton
(@axton)
Hi,
WP-WebAuthn is designed to replace the login password, not enable MFA. If you want to force WebAuthn login for your users, just go to Settings > WP-WebAuthn and set ‘Preferred login method’ to ‘WebAuthn only’. This will completely disable the password login and force all users to use WebAuthn. Please notice currently this will block new users from logging in, and we are working on making the experience better right now.
If you want MFA functionalities but not replacing passwords with WebAuthn, please use other MFA plugins.
Thread Starter
MH
(@martincmelik)
Aha, so your module is only for webauth and nothing else?
It was almost perfect for my site, but I need to allow at least OTP/TOPT (Google Authenticator etc.) for my users as well.
Plugin Author
Axton
(@axton)
Hi,
Yes. And since WebAuthn is secure by default I recommand you to not enable MFA when using WebAuthn. If you want enable MFA for password logging-ins, you can install Two Factor plugin, which will enable MFA for your users. WP-WebAuthn is compatible with Two Factor and will skip MFA when user logging in with WebAuthn.
Hope this would help you.
