Ian Dunn

WebAuthn allows for that, but it's being implemented here (in #427) as a 2nd factor rather than a replacement.

IMO this would be better as an add-on plugin, since the vast majority of folks have no clue what GPG is, and would struggle to use it even if they...

Here's a few examples: * https://wordpress.org/plugins/two-factor-provider-webauthn/ * https://github.com/mcguffin/two-factor-webauthn * https://github.com/WordPress/wordpress.org/tree/5551259/wordpress.org/public_html/wp-content/plugins/wporg-two-factor The essential part is using the `two_factor_providers` filter to add a new provider. The class for that provider needs to...

Here's another example I just noticed: https://github.com/shield-9/two-factor-sms

U2F is deprecated and no longer works in Chrome, so the provider is being removed in #439 . Given that, there's probably no reason to keep this open anymore.

U2F is deprecated and no longer works in Chrome, so the provider is being removed in #439. A WebAuthn provider is being added in #427 , though, and I think...

It seems like this is covered by #255 / #239, so I'll go ahead and close it, but let me know if there's anything distinct that I missed.

If we end up [switching libraries](https://github.com/WordPress/two-factor/pull/427#issuecomment-1276776213) in #427, then I think we could seamlessly migrate the existing U2F keys to the WebAuthn provider. Update: @mcguffin started a PR for this...

Related #261

U2F is deprecated and no longer works in Chrome, so the provider is being removed in #439 . Given that, there's probably no reason to keep this open anymore.