Description
RapID Secure Login (RapID-SL) is a simple and convenient authentication replacement for Clef.
Enjoy hassle-free and secure user login to WordPress websites and blogs. RapID-SL combines simplicity with a great user experience, removing the need for vulnerable and inconvenient usernames and passwords.
Benefits
- 2FA with unrivalled ease of use.
- Up and running in a couple of minutes.
- A great alternative to Clef, with the added advantage of not relying on an external authentication service.
- Doesn’t rely on vulnerable and clumsy SMS one-time passwords.
- Use a second phone or tablet as a backup.
- Simple “scan and fingerprint” interface – no need to type anything.
- Fast sign-up to blogs and websites.
Features
- Easy log-in with your phone: simply scan a QR code using your phone, then provide a fingerprint or PIN – never need complex personal details or passwords again.
- Enterprise-grade cybersecurity technology, using 2048-bit cryptography, trusted by governments and corporations worldwide.
- Direct mobile browser login too – simply tap the on screen QR code for a prompt.
- Easy install: no coding or special knowledge required.
- Customized logon screens supported via simple WordPress “shortcodes”.
- Automatic login to multiple sites from multiple devices.
Service Platform Requirements
- Minimum WordPress version: 4.5
- Minimum PHP version: 5.2.4
- Minimum OpenSSL version: 1.0.2
Installation
- Install the plugin directly through the WordPress add plugins admin page.
- Install the RapID Secure Login app on your phone.
- Use the app to scan the QR Code in the RapID Secure Login Plugin Settings Page.
- Follow the instructions in the app to create a RapID account.
Once registered, you can use your phone to log in to your WordPress site and administer your account through the RapID dashboard
Your site must have correctly configured support for OpenSSL. Please check with your hosting service provider if you are unsure.
If your WordPress site uses self-signed certificates to support https (during local development for example), it will not be possible to configure the site correctly, as the plugin will not be able to trust the endpoint where the certificates will be uploaded. The solution would be to use a properly trusted certificate from a recognised certificate authority.
If your website uses a “privacy mode” or basic authentication to protect the WordPress administration area in addition to the normal WordPress login mechanism, it will not be possible for the plugin to configure the site correctly. The “privacy mode” or basic authentication will need to be turned off.
FAQ
- Installation Instructions
-
- Install the plugin directly through the WordPress add plugins admin page.
- Install the RapID Secure Login app on your phone.
- Use the app to scan the QR Code in the RapID Secure Login Plugin Settings Page.
- Follow the instructions in the app to create a RapID account.
Once registered, you can use your phone to log in to your WordPress site and administer your account through the RapID dashboard
Your site must have correctly configured support for OpenSSL. Please check with your hosting service provider if you are unsure.
If your WordPress site uses self-signed certificates to support https (during local development for example), it will not be possible to configure the site correctly, as the plugin will not be able to trust the endpoint where the certificates will be uploaded. The solution would be to use a properly trusted certificate from a recognised certificate authority.
If your website uses a “privacy mode” or basic authentication to protect the WordPress administration area in addition to the normal WordPress login mechanism, it will not be possible for the plugin to configure the site correctly. The “privacy mode” or basic authentication will need to be turned off.
- Can I log in to more than one account for each site?
-
Yes – when the RapID Secure Login app sees that you have more than one credential on your phone for the site, it lets you choose the one you want.
- What happens if I lose or change my phone?
-
At present, it is important that you keep a record of your original password, or that you are able to request an administrator reset from the sites you register with.
You can also have the app on more than one phone of course! Then you can log in again and re-register with your new phone. We do intend to introduce a secure, managed recovery service in the near future to make this even simpler.
- Can I still log in if the RapID service goes down?
-
Yes – the RapID Service is only used for creating your user credentials when you enrol. At the point of authentication, all messages are purely between the app and the WordPress site.
- Can I un-authorize a phone from my accounts?
-
Yes – just log in to your account, edit your WordPress profile and you can remove enrolled phones from your account. The site administrator can also do this on your behalf.
- Does RapID know my passwords or user ID?
-
No – RapID works independently of your passwords and user ID. You can change those and lock them away off-line!
When you create a RapID credential for your phone, the plugin internally generates a random unique identifier, which it associates with your WordPress ID. This random ID is the only WordPress account information the RapID app or service needs. Your actual ID and password are never sent outside your WordPress site.
- What does the service cost?
-
Your first 1000 licenses are absolutely free. After that, it is just $50 for every 5000 licenses each year. No catches, no extra fees, just a secure WordPress login for all of your users, at a price that won’t break the bank. Additional licenses can be purchased through the RapID web site.
- Where can I get technical assistance?
-
The RapID Secure Login Web site and Support Forum helps you to find answers to technical questions and lets site administrators post enquiries and comments.
Reviews
Better than Clef!
Excellent plugin. I have now transitioned from using Clef (which is now discontinued) to Rapid Secure Login.
I was able to quickly set up my sites with secure two factor authentication using this plugin and the RapID-SL app.
Now I have this, I won’t have to go back to insecure passwords 🙂
Quick, easy and secure. Highly recommended.
Simple and Secure – Fantastic
Rather than remembering a username/password combination this plugin allows you to log into your website using your smartphone and an onscreen QR code served by the WordPress plugin. Point your phone at the website login page and you’re in.
Account setup with RapID-SL is straightforward – after that all the security is taken care of by them.
There seem to be plenty of options to specify which of your users use the RapID login so for example admins can use RapID-SL to log in while casual commenters can log in with the usual password/username method.
I have several WordPress sites. The phone app stores the credentials for each of them and allows me to log in to each with its own secure encryption.
This is how my bank account login should work!
Great! No more passwords!
Although this is a fairly new plugin, I’ve already used RapID on three WP sites that I manage and found it really good so far. It works well with the app to let me have a single logon to all three sites, including more than one account on the same site.
It was easy to set up and use as a site admin (it took a couple of minutes) and even easier for my co-administrators and subscribers.
I like that I can logon at any computer just by scanning the screen with my phone, so I don’t have to enter my username of password at all. It even works from the browser on the phone itself by touching the barcode.
Thanks!
Contributors & Developers
“RapID Secure Login” is open source software. The following people have contributed to this plugin.
Contributors
“RapID Secure Login” has been translated into 1 locale. Thank you to the translators for their contributions.
Translate “RapID Secure Login” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
Changelog
2.0.9
- Minor bug fixes.
2.0.8
- Roles implemented.
- Improved front end registration and settings page.
- Improved error handling.
- Minor bug fixes.
2.0.7
- Streamlined Sign up.
- Increased resiliency in processes.
- Minor bug fixes.
2.0.6
- Session bug fixes.
- Minor bug fixes.
2.0.5
- Credential storage update.
- Security fixes.
- Minor bug fixes.
2.0.4
- QR Code image optimisation.
- QR Code refreshing.
- Minor bug fixes.
2.0.3
- Updated readme.txt
2.0.2
- Improved upgrade path to not remove files before upgrade.
- Improved error handling for ajax pollers.
2.0.1
- Updated information on plugin settings page.
- Updated readme.txt.
- Minor bug fixes for front end registration and browser compatibility.
2.0.0
- Ajax entry points naming standardized
- Migrate to JSON Ajax data throughout
- File-based polling check to avoid full stack load
