An exciting release, which includes a great new feature:

Thanks to the API’s new Application Passwords authorization feature, third-party apps can connect to your site seamlessly and securely. This new REST API feature lets you see what apps are connecting to your site and control what they do.

This gives you the ability to authenticate an app or service with WordPress using a password created specifically for that connection. And you can revoke that password as you see fit — keeping your site secure without having to change your password and re-authenticate in any app or service connected to your site.

But what’s more exciting is that this opens the door to natively supporting two factor authentication in the future. If that’s something you’d like to add with a plugin now, I use Two-Factor.

And for more information about Application Passwords, there’s an excellent integration guide available.

➝ Source: wordpress.org