Secure Login with TraitWare

Leírás

The TraitWare plugin combined with its mobile app provides a simple, secure login to the WordPress Dashboard and Protected Resources via web browsers by replacing usernames/passwords with a QR scan. Using the TraitWare mobile app, role-based Multi-Factor (2FA) Authentication provides an extra layer of security to your sign in process. To take full advantage of this feature, a simple setting has been added to disable the username and password fields!

Site administrators can set up the plugin to protect wp-admin/Dashboard logins, Custom page/site user logins, pages, and resources within a page. They can also allow for user to self-register with TraitWare to access resources or their page. Site logins can be accessed with the scan of one QR here.

TraitWare is a premiere multi-factor authentication platform that never needs a password or a password manager. With our QR web browser login solution, we can also eliminate the need for a username. Not only is our software convenient and easy to use, but it virtually eliminates vulnerabilities associated with traditional username and password logins in the web browser.

If you would like to learn more about TraitWare and how it can help improve your sign in process, visit our website here.

Easy Install
1. Install and register the plugin (Video Instructions Part 1: Account Creation See additional videos in the installation tab)
2. Send yourself a registration email
3. Install the TraitWare app on your mobile phone by simply selecting the Registration link from your phone and completing registration.
4. Now scan the QR on the plugin screen with your TraitWare Mobile App to add TraitWare to your site
5. Log in to your site by scanning a QR for all future logins!
*If you have a firewall, please make sure you have your network IP or https://api.traitware.com whitelisted. For additional information, go here.

Find a more detailed walk-through and the rest of the videos in the Installation tab!

Supported Mobile Devices
*Android 6.0 (Marshmallow) and up for smartphones and tablets (Google Play must be enabled for auto-registration piece)
*iPad iOS 10 and up
*iPhone iOS 10 and up (requires iPhone 5S or newer)

How Secure is TraitWare Authentication?
TraitWare uses Multi-Factor Authentication to secure each individual client’s browser login to WordPress. The factors that it utilizes for securing each user’s identity are 1) each user’s mobile device equipped with the TraitWare Mobile App, 2) the cloud-hosted TraitWare Authentication Server, 3) something you are or know. While TraitWare’s authentication is incredibly effective against malicious attacks and identity theft in a browser, site admins and their users should still use best practices. This means disabling username and password options and making sure ftp, sftp, and MySQL logins are complex.

TraitWare Services Trial Period
While the WordPress plugin is completely free to install and regsiter, if you wish to continue using the TraitWare app to sign in after your 30-day trial expires, you will be asked to choose a payment plan or remove the TraitWare plugin.

TraitWare SSO User Portal
TraitWare offers a User Portal to manage all of your site logins from one place. A site manager will sign in once, and have access to all sites on the account for the entire workday.
1. Navigate to login.traitware.com and select Log In With TraitWare
2. Open your TraitWare Mobile App and authenticate
3. Scan the QR to gain access to your sites
4. That’s it!

TraitWare Direct Login
TraitWare offers direct login to the dashboard directly from the TraitWare app on your device.
1. Open your TraitWare Mobile App and authenticate
2. Select Direct Login on the screen
3. Choose the site where you want to access the dashboard
4. That’s it!

TraitWare Restricted Content
TraitWare offers to protect pages or sections of pages on top of securing logins for admins and consumers.
A detailed tutorial can be found here.

Képernyőmentések

  • TraitWare replaces username and passwords with a QR.
  • TraitWare SSO User Portal for site login management.
  • TraitWare setup page. New users submit email. Existing users scan QR.
  • Registration email for TraitWare mobile app
  • TraitWare mobile app after installation and registration
  • TraitWare User Management table for Account Owner and Dashboard User Administrators
  • Account Owner/Dashboard Administrators approval to activate/deactivate users, add/remove account owners, and resend registration codes
  • Disabling username and password fields, modifying Protected Pages settings, and adding custom log in URL in TraitWare Settings
  • Account Owner recovery method
  • Account Owner recovery email with link to reveal username and password
  • Protected Pages shortcode generator for WordPress 4.9.8 and earlier
  • Example of the shortcode after it is applied to highlighted text for WordPress 4.9.8 and earlier
  • Example of adding TraitWare Protected Content or TraitWare Form blocks in WordPress 5.0
  • Example of TraitWare Protected Content Block options in WordPress 5.0
  • Example of TraitWare Form Block options in WordPress 5.0
  • Example of what a non-logged in user would see vs what a logged in user with access to the protected resource would see

Telepítés

  1. Install and register the TraitWare plugin from your site dashboard. (add new plugin->search TraitWare)
  2. Go to the TraitWare settings (appears after plugin registration) and email a registration link to register your phone as a login device. (This is only done for the first/primary site. To add additional sites skip to step 4).
  3. Install the TraitWare app on your phone by simply selecting the Registration link from your phone and completing registration.
  4. Now scan the QR on the plugin screen with your TraitWare Mobile App to add the TraitWare Login Manager to your site.
  5. Login to your dashboard by scanning a QR with the app for all future logins!
  6. To add more users, go back to TraitWare settings -> User Management. Select the user(s) you wish to register and scan the QR to send an email with registration code.
  7. Content and pages can be restricted within a page. A detailed tutorial can be found here.

TraitWare recommends turning off Username/Password logins once the TraitWare plugin is deployed to all the site admins by going to TraitWare settings -> check the box and save.

Find a more detailed installation document here!

Instructional Videos

The following are links for the setup of the TraitWare plugin. Most of these steps can only be completed by the Account Owner (the initial administrator who sets up the TraitWare plugin or additional users added after) with limited actions which can be completed by a Dashboard User with a WordPress Administrator role.
Part 1A: New TraitWare Accounts
Part 1B: Mobile App Registration
Part 1C: Finishing Account Setup
Part 2: User Management
Part 3: Account Management
Part 4: Updating Users
Part 5: Additional Security
Part 6: Account Recovery
Part 7: Payments
Settings Part 1: Standard Login
Settings Part 2: Custom Login
Settings Part 3: Protected Resources
Settings Part 4: Self Registration
Settings Part 5: Bulk User Sync
General User Login

Firewalls

If you have a plugin for firewalls (such as WordFence, All In One WP Security, etc), please make sure that you are allowing access to https://api.traitware.com or your IP.

If you have Sucuri, your network IP will need to be whitelisted in order to access the plugin. Your network IP can most easily be found by navigating to speedtest.net. The IP will be listed at the bottom left, beneath your internet provider. If you are working on an Intranet, you may need to contact your IT department to allow the TraitWare plugin to communicate back and forth with https://api.traitware.com.

In some cases, a dedicated IP may be required to allow access to TraitWare.

GYIK

For the most up to date FAQ, visit our external site.
If you would like to view our support forum on WordPess, you can go here

The QR image isn’t loading, how can I scan it?

First, make sure that you have clicked the button to show the QR. If the image of the QR code is still not showing, make sure that you have an internet connection and that you do not have a firewall blocking access to TraitWare. You may need to allow https://api.traitware.com or your IP to communicate with TraitWare.

Additional Firewall and access fixes for a QR not loading

If you have a plugin for firewalls (such as WordFence, All In One WP Security, etc), please make sure that you are allowing access to https://api.traitware.com or your IP.

If you have Sucuri, your network IP will need to be whitelisted in order to access the plugin. Your network IP can most easily be found by navigating to speedtest.net. The IP will be listed at the bottom left, beneath your internet provider. If you are working on an Intranet, you may need to contact your IT department to allow the TraitWare plugin to communicate back and forth with https://api.traitware.com.

In some cases, a dedicated IP may be required to allow access to TraitWare.

You may also need to check that your .htaccess whiteliting is allowing access to all TraitWare Plugin files.

I’m getting an error message when trying to send myself the registration email. What is the error?

There a couple of things this could be. Mostly commonly, the error is because your WordPress version is below the required version of 3.7.0. If you have a version above that and still get an error, please make sure you have an internet connection. The last option is to make sure that your version of the TraitWare plugin is the most recent. Our updates are there to improve the plugin and the user experience as much as possible. If none of these solve your problem, please contact us at support@traitware.com or in the support forums.

How do I get the TraitWare App?

The most effective way to get the TraitWare app onto your mobile device is to open your TraitWare registration email directly on your device and click the Register button. This will take you to your app store to download and register the app. Alternatively, you can search “traitware” directly from the app store on that device. Please not that due to changes to Apple products, it is not possible to add the app from a computer or laptop. If you have an Android device, you can still add the application from a computer or laptop as long as you are signed into the same Google account that is linked to your device.

I lost my phone and cannot access my site, how can I get in?

As an Account Owner, if you navigate to yoursite.com/login and select \”trouble?\”, you can receive a secured email with a link to enter your username and password. If you are a user, please contact your site admin to resend your registration code.

How many Account Owners can I have on my site?

As many as you want. But remember, if you are giving people that responsibility, they can make any changes they want to TraitWare users. An Account Owner will also automatically be added to any WordPress sites that are on the account, so if you wish to only have a user administrate on a single site, make sure their role is “Administrator” and add them as a TraitWare Dashboard User. Dashboard Users will not be able to make changes to an Account Owner for security reasons.

What is the difference between a “Site User and a Dashboard User?”

A Site User is someone who won’t be making modifications in the Dashboard(wp-admin). This is typically a subscriber or someone with their own page through custom login. It also includes users who need access to a protected resource. A Dashboard User will include the people who are working on the site itself, such as Administrators, Editors, Authors, etc. A Dashboard User who is also a WordPress Administrator will be able to complete most actions available in the TraitWare Plugin.

What is a Protected Page/Resource?

A Protected Page/Resource is a page or an element on a page on a website that you have protected with the plugin. A user who is not given access to the resource will see a QR which they can scan using their TraitWare app to gain access to as long as the administrator has given them access to do so.

Why would I want to remove the username and password fields?

TraitWare takes pride in the fact that we are removing the option for you and your users to be hacked through a password in a browser. We have replaced this with a secured app on your phone instead. If you choose to leave those fields, just be aware that you are not as secured as you could be.

How long can I try TraitWare before paying?

TraitWare offers a free 30-day trial. If you don’t love it after 30 days, simply deactivate the plugin. If you aren’t sure yet about which plan works best for you, deactivating will save your account information on the TraitWare server. At the end of the 30-day trial, your account will be switched to a 30 day billing cycle. You will be charged based on your usage at the end of those 30 days.

What if I need to be issued a refund?

If you feel that you have been wrongly charged, please contact support@traitware.com to clarify charges or get your refund process started.

I’m getting an error on the QR when I try to login. How can I fix this?

It’s possible that your browser’s cache needs to be cleared. We have noticed issues with Safari in particular caching old data and preventing the QR from loading properly. If this does not solve your issue, please contact us at support@tratiware.com.

When I disable the login form, I don’t see the QR to sign in.

Any versions of the plugin up through 1.5.0 that are being used in parallel to JetPack with the WordPress.com log in activated will not be able to take advantage of the feature to disable the login form. A fix has been applied to 1.6.0-beta and beyond.

What is a beta release?

A beta release is new/updated features of a product which are being released to the public for further testing and fixes. This type of release allows for a company to get feedback from customers and improve as many of the existing changes as possible to make it as seamless to use for the customer as possible.

The Registration Button in the email did not do anything for me, what went wrong?

If you have an Android device, please make sure that your Google Play store is enabled. If you have an iOS product, please contact us at support@traitware.com.

Vélemények

2018.05.01.
I gave this product a spin recently. It was so simple and easy to use. It was great that I could create a TraitWare account without even needing to create a password. And setting up the WP Login was nearly fool-proof. Great tool to have for those users that are always resetting their password. Plus, two-factor authentication on top of it!
2018.03.10.
I am constantly looking up my passwords, or I rely on my browser to save them. But when it comes time to remembering, I have no idea what it is off the top of my head. This app has been so great for not having to worry about remembering anything except where my cell phone is.
2018.02.28.
The TW Plugin is literally the future of website login security. We create and manage a lot of WordPress sites and it is safe to say that all of them will be using this resource. Say good bye to usernames, passwords and compromised login credentials!!!
2018.02.27.
Not having to use a password is super convenient. I can't tell you how many times I've had to reset my password in wordpress. Glad I don't have to worry about that again. Great plugin!
2018.02.27.
I've gotten to the point of passwords where I'm just lazy. I start making them all the same and get tired of trying to fulfill these ridiculous requirements. This plugin finally made it to where I don't have to remember anything. With a fingerprint reader on my phone, I can sign in to my WordPress and never have to remember a thing. The setup was easy and clear, and I now feel like I don't have to worry about being hacked.
7 (az összes) vélemény olvasása

Közreműködők és fejlesztők

“Secure Login with TraitWare” egy nyílt forráskódú szoftver. A bővítményhez a következő személyek járultak hozzá:

Közreműködők

“Secure Login with TraitWare” fordítása a saját nyelvünkre.

Érdekeltek vagyunk a fejlesztésben?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Változási napló

1.8.4

*Cache cleanup, ability to turn off Protected content/custom logins

1.8.3

*Tested for 5.2 capability, improve UI, bug clean-up

1.8.2

*bug fixes

1.8.1

*increase backgroud sync, add button to reveal QR, change refresh

1.8.0

*Fix protected page user role bug

1.7.9

*Bug fix

1.7.8

*fix versioning

1.7.7

*added error logging to solve bugs more effeciently

1.7.6

*Increase cookie expiration

1.7.5

*Scanning bug fix

1.7.4

*Sorting bug fixed, adding bulk sync button in user management table

1.7.3

*Code security improvements/cleanup, UI improvements

1.7.2

*UI cleanup for WordPress 5.0; Add Block options for pages to use Protected Content and Forms options

1.7.1

  • Allow for Dashboard Administrators to have limited TraitWare user management abilities; bug fixes

1.7.0

  • Self-Registration feature added

1.6.4

  • Bug fix

1.6.3

  • Security improvements, language updates

1.6.2

  • Asset and language cleanup; UI Improvements

1.6.1

  • Bug fix

1.6.0

  • Live release of Protected Pages/Restricted Content and UI improvements

1.6-beta.5

  • Minor bug fixes

1.6-beta.4

  • Enable background sync

1.6-beta.3

  • Improved php security

1.6-beta.2

  • Cleaned up functionality

1.6-beta.1

  • Updated language, FAQ, and flow

1.6-beta

  • New Protected Pages/Resources features, updated custom login, improved features, improved user management

1.5.0

  • UI update to improve user experience, add SMS option

1.4.3

  • Bug fixes: fix for WooCommerce

1.4.2

  • Bug fixes: fix for php casting issue

1.4.1

  • Bug fixes: recovery email link accounts for custom url, allow emails with “+”

1.4.0

  • Update to work with TraitWare Console; Bug fixes: allow custom login, cleanup

1.3.4

  • Bug fixes: fix for some subdirectories

1.3.3

  • correct version update

1.3.2

  • Updated endpoint

1.3.1

  • Plugin name and description update

1.3

  • Bug fixes: allowing subdirectories

1.2

  • Integrated the TraitWare app’s Direct Login feature

1.1

  • Bug fixes: Improvement to Account Activation

1.0

  • Initial release of plugin