Craft CMS 5 Guide

2FA and Passkey in Craft CMS 5

How to use 2FA and Passkey support in Craft CMS 5.

There are two impor­tant account secu­ri­ty changes in Craft CMS 5 that will make user authen­ti­ca­tion more inline with best prac­tices for web applications.

The two new addi­tions to Craft 5 are:

  1. 2FA — two-fac­tor authen­ti­ca­tion using Duo Mobile, Google Authen­ti­ca­tor, Microsoft Authen­ti­ca­tor or a sup­port­ed pass­word man­ag­er like 1Password or Bitwarden.
  2. Passkey — A replace­ment for pass­words built on WebAu­thn. This type of pub­lic and pri­vate key authen­ti­ca­tion hap­pens at the oper­at­ing sys­tem lev­el and doesn’t require an addi­tion­al appli­ca­tion or set­up. On macOS, iOS, and iPa­dOS this means we can use Touch­ID or FaceID to log in to the con­trol panel.

Craft CMS 5 Guide is made up of the following videos: