Already have passQi on your iPhone?
Drag the button on the right, and drop it onto the bookmark bar of your browser -

Show me!


Next-level multi-factor authentication:

passQi mFactor



Deploy in Minutes


Designed for you




The mFactor advantage

passQi mFactor works with the passQi 2 app to provide unparalleled level of account security for your website.

  • Easy to Adopt with a plugin install for WordPress (or custom integration for other hosts) and a single profile settings checkbox to require passQi for user login
  • Administrators have fine grain control over allowing or requiring passQi mFactor for specific users and roles.
  • No changes to the login/authentication flow
  • Superior security with two layers of encryption – from different sources – required to reconstruct the underlying token
  • Available Touch ID requirement ensures the user is present at the time of authentication


WordPress is vulnerable

20% of the web runs on WordPress

The most targeted and attacked platform, more than all other CMS combined – bot networks are deployed by hackers round the clock to brute-force attack WordPress sites.

Every place that your users use the same password, increases your vulnerability

Real. Secure.

Sites using passQi mFactor authentication system receive a site-specific public key which is used in conjunction with a passQi cloud private key in encrypting the mFactor token relayed between the user’s passQi 2 app and the site. mFactor allows the site authentication to determine definitively that the user was in possession of their smartphone device at the time of authentication, without requiring a secondary challenge. Requiring a user to use the passQi 2 app means that even if the user’s password information was compromised, it would not allow login to your site without using the passQi 2 app on the user’s phone.

Want to go deeper?

Download our mFactor white paper

Get the passQi mFactor White Paper

Also details the support for TOTP style two-step verification built in to the passQi smartphone app

– allowing you to use the same app to easily secure your WordPress sites and leverage existing support for TOTP at other sites –  

… And explains why passQi mFactor is both more secure and convenient than two-step verification.  

How do I start securing my site with passQi mFactor?

  1. Install the WordPress plugin .
  2. Get a public key at the passQi mFactor store (free certs available for personal and non-commercial sites)
    • Follow key installation workflow in plugin passQi mFactor page in Users Menu
    • Or visit passQi mFactor store.
  3. Set up access control (require/allow/disallow) mFactor and touchQi by user or role
  4. Have users download the free passQi 2 app and drag the passQi bookmark to your bookmark bar

What would it take to hack an account on a passQi mFactor secured site:

  1. Physically steal the user’s smartphone
  2. Crack the phone security
  3. Guess the user pin before it locks out
  4. Steal user’s thumb if they have touchQi enabled
  5. Accomplish the above before the user remotely deletes the device vault

Just having – or guessing – the user’s password won’t do it.



Supported smartphone apps for passQi mFactor