Secure Passkeys

1.2.5 2026-04-24

• Add – Added support for Sherlocked authenticator with its AAGUID.
• Add – Added support for Sticky Password Manager authenticator with its AAGUID.
• Add – Added support for Passwall authenticator with its AAGUID.
• Add – Added support for Burp Suite Navigation Recorder authenticator with its AAGUID.
• Fix – Fixed an issue where 180 and 365 days could not be saved as cleanup periods.

1.2.4 2026-01-30

• Add – Added support for Heimlane Vault authenticator with its AAGUID.
• Fix – Resolved compatibility issues where 2FA plugins would block passkey login.

1.2.3 2025-12-03

• Add – Added support for AliasVault authenticator with its AAGUID.
• Tweak – Updated iCloud Keychain entry to Apple Passwords with new icon.

1.2.2 2025-09-17

• Security – Enhanced permission checks for administrative functions to prevent potential unauthorized access.
• Add – Added support for initial authenticator with its AAGUID.
• Fix – Resolved multiple PHP notices by correcting the improper use of wpdb::prepare() on static database queries.
• Tweak – Corrected a typo in the plugin description for proper grammar.

1.2.1 2025-08-21

• Add – Updated Microsoft Password Manager AAGUID icon.
• Add – Added Chromium Browser AAGUID icon (previously had no icon).
• Fix – Fixed “You are not authorized to make this request” error caused by missing or empty HTTP_REFERER.

1.2.0 2025-08-10

• Add – Added option to enable/disable passkeys reminder notice in WordPress admin for users without passkeys enabled.
• Add – Added support for Microsoft Password Manager authenticator with its AAGUID.
• Tweak – Changed excluded roles selection from multiple select dropdown to individual checkboxes for better usability.
• Fix – Improved autoloader class file path handling for better compatibility across different operating systems and environments.

1.1.0 2025-08-04

• Add – Added support for the Ultimate Member plugin.
• Add – Added an option to automatically generate security key name for new passkeys, so users are no longer required to enter one manually.
• Add – Added an option to disable the logging of user activity.
• Tweak – Added extra_wrapper_classes and extra_button_classes attributes to the [secure_passkeys_login_form] shortcode for easier CSS customization.
• Fix – Corrected an issue where the used_at timestamp for a challenge was not being updated correctly in the database.
• Fix – Removed the Accept-Encoding header from the fingerprint calculation to prevent potential validation errors.
• Fix – Improved localization by removing HTML from translatable strings, ensuring they can be translated properly.
• Fix – Resolved a PHP warning on the “Activity Log” caused by an attempt to process a non-existent is_active property on log records.

1.0.0 2025-03-05

• Initial release.