How Can I Securely Implement a Password-less Login Feature?

Just posted a new plugin: No More Passwords

I currently have it tagged beta because logging into a platform is a sensitive issue and I don’t want to release something that may have security holes. So here’s my query:


Is it secure?

I’ve done the following to ensure security:

  1. Username/password are never passed back and forth, only the unique hash.
  2. Hash is removed from the database once it’s used; old hashes that haven’t been used can’t be unless the database is hacked, but then you have bigger issues.
  3. All database queries of the hash have been escaped to prevent XSS attacks.
  4. Nonce added to the AJAX call.
  5. Nonce and confirmation added on the mobile end to prevent CSRF attacks.

Here I have a complete description of how it works.

Next version I hope to implement oauth via twitter, since iOS now has it worked in…

Thanks for your input in advance.

Edit: I decided that as an added layer I would add a sessionID check to make sure that it’s the same browser logging in as the browser that initiated the QR code login.


2 comments

  1. (I’m a sucker for alternative login schemes)

    Some nitpicking regarding DB escaping:

    • You use mysql_real_escape_string() directly. The preferred method is using $wpdb->prepare() or esc_sql().

    • UPDATE queries are best handled by $wpdb->update()

  2. I think it’s a great idea, but like always the biggest weakness is the human factor; in this case it would be the phone itself being lost, stolen or intercepted. Have you thought about adding 2-layer authentication, like an SMS verification code (like Gmail, etc.)? Or an alternative that is easier would be a cookie + secret word.

    Also can you mention what algorithm is generating the QR code in your about page?
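Putting the post's points 2, 4 and 5 and the sessionID edit together with the first comment's $wpdb advice, here is an added illustration of a single-use, session-bound QR login token in WordPress PHP; it is not the No More Passwords plugin's code, and the table nmp_login_tokens, its columns, the nonce action name nmp_login and the 300-second lifetime are assumptions.

```php
<?php
// Added example, not the No More Passwords plugin's own code. Table/column names and
// the 300-second lifetime are assumptions; the WordPress and PHP calls are real.
// Assumed columns: token_hash, session_id, user_id (0 until confirmed), created_at (unix).
const NMP_TOKEN_TTL = 300;
// Browser: mint a random token for the QR code, store only its SHA-256 so a dumped
// table cannot be replayed, and bind it to the session that requested it.
function nmp_create_login_token( $session_id ) {
    global $wpdb;
    $token = bin2hex( random_bytes( 32 ) );
    $wpdb->insert( $wpdb->prefix . 'nmp_login_tokens',
        array( 'token_hash' => hash( 'sha256', $token ), 'session_id' => $session_id,
               'user_id' => 0, 'created_at' => time() ),
        array( '%s', '%s', '%d', '%d' ) );
    return $token;
}

// Phone (already logged in): attach the scanning user. $wpdb->update() receives the
// values and the WHERE clause as arrays, so nothing is interpolated into the SQL.
function nmp_confirm_login_token( $token, $user_id ) {
    global $wpdb;
    return 1 === $wpdb->update( $wpdb->prefix . 'nmp_login_tokens',
        array( 'user_id' => (int) $user_id ),
        array( 'token_hash' => hash( 'sha256', $token ), 'user_id' => 0 ),
        array( '%d' ), array( '%s', '%d' ) );
}

// Browser AJAX poll: check the nonce, then consume the row before validating it so
// every token (valid, expired or mis-bound) is dead after a single attempt.
function nmp_consume_login_token( $token, $session_id ) {
    global $wpdb;
    if ( ! check_ajax_referer( 'nmp_login', 'nonce', false ) ) {
        return new WP_Error( 'bad_nonce', 'Invalid AJAX nonce.' );
    }
    $hash = hash( 'sha256', $token );
    $row  = $wpdb->get_row( $wpdb->prepare(
        "SELECT user_id, session_id, created_at FROM {$wpdb->prefix}nmp_login_tokens WHERE token_hash = %s", $hash ) );
    if ( ! $row || 0 === (int) $row->user_id ) {
        return new WP_Error( 'pending', 'Token unknown or not yet confirmed by the phone.' );
    }
    if ( 1 !== $wpdb->delete( $wpdb->prefix . 'nmp_login_tokens', array( 'token_hash' => $hash ), array( '%s' ) ) ) {
        return new WP_Error( 'used', 'Token already consumed.' ); // lost a race with a duplicate poll
    }
    if ( time() - (int) $row->created_at > NMP_TOKEN_TTL
         || ! hash_equals( (string) $row->session_id, (string) $session_id ) ) {
        return new WP_Error( 'rejected', 'Token expired or polled from a different browser.' );
    }
    wp_set_auth_cookie( (int) $row->user_id );
    return (int) $row->user_id;
}
```

Deleting the row before checking age and session binding means a token that fails either check is burned rather than left for a second try, and the "1 row affected" test is what stops two concurrent polls from both logging in.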