The security of WordPress administration is generally based on a login/password combination to access the interface.
However, we remain reliant on the most widespread combination of the past two decades.
A new player is emerging in this dominance: the access key, notably the YubiKey.
Always on the lookout for solutions to improve the security of my environments, I am currently testing the WP WebAuthn plugin as I write this post.
At first glance, this rather recent tool allows me to log in using my physical key. As expected, I might add.
Other plugins are available, such as PasswordLess Login.
However, the ultimate solution would be to create your own plugin, or even implement it on your own site (Next.js, Symfony)…
To be continued…