Feature: Security keys can now be used as a two-step authentication method [!!!REQUIRES PHP 7.2 OR HIGHER!!!] Feature: Security keys can now be integrated with password confirm screens [!!!REQUIRES PHP 7.2 OR HIGHER!!!] Change: Rename a couple of database columns to ensure they comply with the resource guidelines Fix: Fix a regression with the HIBP API
This version is a major upgrade, adding support for various kinds of security keys (such as a YubiKey) to the Two-Step Authentication feature, as well as the password confirmation screen.
Setting up a security key as a two-step authentication method is as easy as it is on any other site; navigate to the Two-Step screen in XenForo, and click "Enable" next to "Verification via security key". Once enabled, repeat visits to the Two-Step screen can also take advantage of your security key to bypass needing to enter your password.
This feature even works with "Windows Hello", found in the Microsoft Edge browser for Windows 10. You don't even need a physical security key!
(The computer needs to support the Trusted Platform Module to enable this feature.)