Enabling SSI Login for Every WordPress Site

Associazione Blockchain Italia used Trinsic to create a plugin that gives any WordPress site the ability to embed self-sovereign identity capabilities for login.

About

Associazione Blockchain Italia (the Italian Blockchain Association) is a nonprofit organization that focuses on fostering discussions around the research, development, and advocacy of blockchain-based solutions. The group specifically focuses on the economic, technological, legal, and social implications that blockchain applications will have on society.


In 2020, Associazione Blockchain Italia won an NGI eSSIF-Lab Infrastructure Grant due to its proposal of creation of the WordPreSSI Login—a plugin for WordPress sites that enables a login experience using verifiable credentials instead of using usernames and passwords. With the grant’s backing, Associazione Blockchain Italia is working on making the plugin publicly accessible as soon as possible in order to contribute to the SSI ecosystem and facilitate to the adoption of the technology. Below we detail how and why Associazione Blockchain Italia used Trinsic to build WordPreSSI Login.

The problem

Associazione Blockchain Italia wanted to find an effective way to show the potential of self-sovereign identity (SSI) and verifiable credentials. Its organization members decided that in order to encourage the adoption of verifiable credentials, they needed to create a solution that addressed a problem that is felt by a wide range of people on a regular basis. With that criteria in mind, they chose to focus on improving the login experience as their first use case.


According to statistics, WordPress powers 39% of websites around the world. In order to access a WordPress account, an account administrator must log in. This process is done through entering a username and password. Associazione Blockchain Italia decided that it would build a plugin, called WordPreSSI Login, that would enable any WordPress website to embed login using verifiable credentials instead of usernames and passwords. After scoping the project, Associazione Blockchain Italia needed to find the verifiable credential infrastructure to power its first release of the plugin.

“We studied all of the tools and libraries in the SSI space and found Trinsic to be the most effective for spinning up development and having a working project in weeks.”

Fabio Lecca, Advisor & Project Coordinator, Associazione Blockchain Italia

The solution

After evaluating the different options in the market, Associazione Blockchain Italia decided to use Trinsic to power the verifiable credential infrastructure in the first version of its WordPreSSI Login plugin. The organization determined that Trinsic had the best developer tools to quickly implement verifiable credentials. With Trinsic Core—Trinsic’s API—Associazione Blockchain Italia was able to create their plugin in a few weeks.

The benefits of using the WordPreSSI Login plugin include:

  • Increased website security: Traditionally, WordPress websites store users’ usernames and passwords on servers which then become prime targets for hackers. With the WordPreSSI Login plugin, users’ verifiable credentials are exchanged at the start of user sessions and not stored on the server.
  • A streamlined login experience: With the ability to login with verifiable credentials, users no longer have to remember their usernames and passwords and can instead login with a click of a button with verifiable credentials.
  • Users control their data: The WordPreSSI Login plugin gives users the ability to no longer rely on centralized parties for storage and management of their personal login information.


Website administrators can implement the WordPreSSI Login plugin in minutes. Once implemented, users then have the option to login with verifiable credentials. To do so, a user would first need to download a digital identity wallet (like the Trinsic Wallet) to scan the QR code that is given upon user registration. The user’s login credential would then be sent to and stored in the Trinsic Wallet. The next time the user wants to access the WordPress website, he or she would receive a notification in the Trinsic Wallet asking if they would like to share their login credential, which they can approve at a click of a button. No more passwords (and more importantly, no more password resets). Login just got a whole lot easier!

When a website has the WordPreSSI Login plugin enabled, these are the registration screens a user would see when registering to receive their verifiable login credential.
To receive the credential, a user must store it in a digital identity wallet, like the Trinsic Wallet. Once the user scans the QR code that the WordPreSSI Login plugin generates, a verifiable login credential will be sent to the user's digital wallet.
Because of the WordPreSSI Login plugin, a user no longer has to remember usernames and passwords and can instead seamlessly log in to a website with a verifiable credential.

"The WordPressSSI Login plugin's main value is increased website security and how easy it makes the login process. You don’t have to remember any more passwords."

Massimo Romano, Project Technical Leader, Associazione Blockchain Italia