Capsquery Facial Authentication
Capsquery Facial Authentication adds a Login with Face button to wp-login.php and a [capsquery_facial_authentication] shortcode for front-end pages.
How it works
- A user can enrolls their face from Users → Profile.
- They set a 4–8 digit PIN as a second factor.
- At login, the browser captures the face locally using face-api.js.
- An encrypted face descriptor is matched on the server.
- The user confirms their identity and enters their PIN.
- Face descriptors encrypted at rest (AES-256-GCM)
- PIN stored as a secure hash
- Rate limiting and brute-force protection
- GDPR export/erase support
Third-party library
Face detection and recognition run entirely in the visitor’s browser using face-api.js (MIT license), bundled under assets/vendor/. Its pretrained model weights are required for the plugin to function and are bundled under assets/models/. Since the raw weight files have no meaningful file extension, each one is stored base64-encoded inside a small .json wrapper file and decoded on request by a plugin REST endpoint — no external network calls or third-party servers are involved.
Requirements
- HTTPS (or localhost for development) — browsers require a secure context for camera access
- PHP OpenSSL extension
- A webcam on the client device
Support
Need help or have questions?
Website: https://capsquery.com/ Email: arijit.paul@capsquery.com
