Skip to content
WordPress.org

Norsk (Nynorsk)

  • Bunader
  • Innstikk
  • News
  • Om
  • Bidra til nynorskomsetjinga
  • Remembers
  • Blocks
  • Kontakt oss
  • Education
  • WP-CLI
  • Get WordPress
Get WordPress
WordPress.org

Plugin Directory

Capsquery Facial Authentication

  • Submit a plugin
  • My favorites
  • Log in
  • Submit a plugin
  • My favorites
  • Log in

Capsquery Facial Authentication

Av arijit1992
Last ned
  • Detaljar
  • Omtalar
  • Installasjon
  • Utvikling
Hjelp

Skildring

Capsquery Facial Authentication adds a Login with Face button to wp-login.php and a [capsquery_facial_authentication] shortcode for front-end pages.

How it works

  1. A user can enrolls their face from Users → Profile.
  2. They set a 4–8 digit PIN as a second factor.
  3. At login, the browser captures the face locally using face-api.js.
  4. An encrypted face descriptor is matched on the server.
  5. The user confirms their identity and enters their PIN.
  • Face descriptors encrypted at rest (AES-256-GCM)
  • PIN stored as a secure hash
  • Rate limiting and brute-force protection
  • GDPR export/erase support

Third-party library

Face detection and recognition run entirely in the visitor’s browser using face-api.js (MIT license), bundled under assets/vendor/. Its pretrained model weights are required for the plugin to function and are bundled under assets/models/. Since the raw weight files have no meaningful file extension, each one is stored base64-encoded inside a small .json wrapper file and decoded on request by a plugin REST endpoint — no external network calls or third-party servers are involved.

Requirements

  • HTTPS (or localhost for development) — browsers require a secure context for camera access
  • PHP OpenSSL extension
  • A webcam on the client device

Support

Need help or have questions?

Website: https://capsquery.com/
Email: arijit.paul@capsquery.com

Skjermbilete

Login page with Face Authentication enabled.
Login page with Face Authentication enabled.
User Face Enrollment screen.
User Face Enrollment screen.
PIN verification after successful face recognition.
PIN verification after successful face recognition.
Plugin Settings page.
Plugin Settings page.
Successful facial authentication login.
Successful facial authentication login.
Unlock with pin page.
Unlock with pin page.

Installasjon

  1. Upload the plugin folder to /wp-content/plugins/capsquery-facial-authentication/ or install via Plugins → Add New.
  2. Activate the plugin.
  3. Go to Settings → Facial Authentication and confirm Facial Authentication is enabled.
  4. As a user, open Users → Profile, enroll your face, and set a PIN.
  5. Visit wp-login.php and click Login with Face.

Vanlege spm.

Who can use Capsquery Facial Authentication in the free version?

On a single site, this is typically users with the any role.

Are photos stored on the server?

No. The plugin stores an encrypted mathematical face descriptor (128 numbers), not an image.

Is face matching alone enough to log in?

No. A successful face match must be followed by the correct PIN.

Does it work without HTTPS?

No. Modern browsers block camera access except on HTTPS or localhost.

How do I add Facial Authentication to a page?

Use the shortcode: [capsquery_facial_authentication] or [capsquery_facial_authentication redirect="/my-account"]

What are the .json files under assets/models?

They are the pretrained face-api.js (MIT-licensed) neural network weights needed for on-device face detection and recognition. The library’s raw weight files have no standard file extension, so each one is base64-encoded and wrapped in a .json file; the plugin decodes and streams it back out through its own REST endpoint when the browser loads the model. They are required — the plugin cannot detect or recognize faces without them.

Omtalar

There are no reviews for this plugin.

Bidragsytarar og utviklarar

“Capsquery Facial Authentication” is open source software. The following people have contributed to this plugin.

Contributors
  • arijit1992

Omset “Capsquery Facial Authentication” til ditt eige språk.

Interested in development?

Les kjeldekoden, sjekk SVN-lageret eller abonner på utviklingsloggen med RSS.

Endringslogg

1.1.0

  • Admin settings page (enable/disable, match sensitivity)
  • Security fixes: removed user_id override, improved REST validation, proper rate-limit responses
  • Privacy/GDPR export and erasure support
  • uninstall.php for clean removal
  • Conditional shortcode asset loading

1.1.1

  • Security improvements

1.1.2

  • Fixed issues reported during WordPress.org plugin review.
  • Code cleanup and compliance improvements.

1.1.3

  • Improved facial recognition security by lowering the default matching threshold.
  • Updated available recognition sensitivity presets.
  • Minor security and performance improvements.
  • Improve face detection in low light visibility
  • Minor design improvement

1.1.4

  • Minor change in shortcode condition to fix shortcode js loading issue

Om

  • Version 1.1.4
  • Last updated 2 dagar sidan
  • Active installations Færre enn 10
  • WordPress version 6.0 eller nyare
  • Tested up to 7.0.2
  • PHP version 7.4 eller nyare
  • Language
    English (US)
  • Tags
    authenticationbiometricloginsecurity
  • Avansert vising

Vurderingar

No reviews have been submitted yet.

Your review

See all reviews

Contributors

  • arijit1992

Hjelp

Har du noko å seia? Treng du hjelp?

Sjå hjelpeforumet

  • About
  • News
  • Hosting
  • Privacy
  • Showcase
  • Themes
  • Plugins
  • Patterns
  • Learn
  • Support
  • Developers
  • WordPress.tv ↗
  • Get Involved
  • Events
  • Donate ↗
  • Five for the Future
  • WordPress.com ↗
  • Matt ↗
  • bbPress ↗
  • BuddyPress ↗
WordPress.org
WordPress.org

Norsk (Nynorsk)

  • Visit our X (formerly Twitter) account
  • Visit our Bluesky account
  • Visit our Mastodon account
  • Visit our Threads account
  • Visit our Facebook page
  • Visit our Instagram account
  • Visit our LinkedIn account
  • Visit our TikTok account
  • Visit our YouTube channel
  • Visit our Tumblr account
Kode er poesi.
The WordPress® trademark is the intellectual property of the WordPress Foundation.