Magic Password

Description

Forget your pass****.

Forget your password, forget your username. Make your WordPress log in process completely passwordless. All you need is a phone! Magic Password is a free security Clef-like app which allows you to log in to your WordPress in a flash. Just open your application, scan QR code, and it’s done. It’s simple, quick and highly secure — like magic! It’s even better than two-factor authentication (2FA) because you don’t have to enter login, password and 2FA code.

We use cutting-edge, hash-based message authentication codes, so you can be sure that the log in process is highly secure. How does it work? Under the hood, a cryptographic hash function combines a secret key with current timestamp. Every 30 seconds it generates a unique code which replaces your password. We use end-to-end (e2e) encryption and do not store personal identifiable information (PII) about you or your users.

And you don’t need registration at all! Just download the app, install WordPress plugin, pair your devices, and you are ready to go!

Before installing this plugin, please make sure you don’t use any other plugins which modify the log in process.

For more information please check out our website at: https://magicpassword.io

If you need our support, please contact us at: support@magicpassword.io

Download Magic Password Android App
Download Magic Password iOS App

Note that although we do not require any registration, we do use third-party services in order to make this plugin work:

We place great emphasis on security and privacy, thus we don’t send or store any personal identifiable information (which includes not sending any e-mail addresses).

Screenshots

  • All you need to configure the plugin is to scan the QR code.
  • Application has been paired with WordPress account.
  • Login via Magic Password is configured.
  • Logging in with Magic Password.
  • To log in on a mobile device just tap the login QR code.
  • Login via Magic Password can be set as obligatory for specific roles.

Installation

  1. From the “Plugins” menu search for “Magic Password”, click “Install Now” and then “Activate”.
  2. Choose Magic Password from menu, download our mobile app.
  3. Scan the Magic Code through our app.
  4. That’s it!

Plugin requirements:

  • PHP 5.3.3 or newer (PHP 7 is recommended)
  • PHP extensions: cURL, GD, Multibyte String and OpenSSL
  • WordPress 4.2 or newer
  • JavaScript enabled

If you have any problems with the installation, please contact us at support@magicpassword.io

FAQ

Installation Instructions
  1. From the “Plugins” menu search for “Magic Password”, click “Install Now” and then “Activate”.
  2. Choose Magic Password from menu, download our mobile app.
  3. Scan the Magic Code through our app.
  4. That’s it!

Plugin requirements:

  • PHP 5.3.3 or newer (PHP 7 is recommended)
  • PHP extensions: cURL, GD, Multibyte String and OpenSSL
  • WordPress 4.2 or newer
  • JavaScript enabled

If you have any problems with the installation, please contact us at support@magicpassword.io

What do I need to start using Magic Password?

All you need to do is to download mobile app on your smartphone. Currently we support only iOS and Android systems.

iOS
Android

Is it really safe?

It might looks too easy to be secure, but in fact we worked really hard to create this service. Please note that we don’t keep any sensitive data (i.e. login or password) on our side. Additionally we pass whole communication through multilevel encryption system.

Will it always be free?

Yes! Magic Password will always be free.

What is your privacy policy?

We place great emphasis on security and privacy, thus we don’t send or store any personal identifiable information (which includes not sending any e-mail addresses). However, Magic Password sends to our API data which is important to provide website security and high quality technical support. Below you can find what kind of data is being sent:

  • Website URL with the name and version of the WordPress installation
  • PHP version
  • Magic Password version
  • Browser name

Thanks to this data we can show WordPress site name in our mobile application.

As of version 1.3.0, we also use this data to provide backward compatibility of our plugin, because we’ve changed the algorithm of generating encrypted data. Old versions use the old algorithm, so we need to know which version of our plugin is installed on a website.

This data is also necessary in order to provide technical support. Otherwise it would be very difficult to find the causes of problems experienced by our clients, because we would have to ask for this data each time someone reports an issue. This data gives us basic knowledge about the environment where our plugin is installed, so we have the ability to try to reproduce the same issue as our client’s.

Reviews

Good Plugin

Magic Password is a great plugin solution to make it easier for WordPress users to login. This is a new technology to improve the security of WordPress.

Read all 4 reviews

Contributors & Developers

“Magic Password” is open source software. The following people have contributed to this plugin.

Contributors

Translate “Magic Password” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

1.3.2 (Feb. 8, 2018)

  • Fixed broken AJAX requests

1.3.1 (Feb. 7, 2018)

  • Fixed algorithm of decoding WordPress site name
  • Default login view is a view of last used login method
  • Add prefixes to CSS classes in order to prevent collision
  • Notices about plugin requirements are not displayed if user is not an administrator
  • Increased size of modal window titles

1.3.0 (Jan. 22, 2018)

  • Changed algorithm of encrypting data
  • Added error logging
  • Added mechanism of displaying important messages about available new plugin versions
  • Minor front-end enhancements