With the Social Login extension, both you and your customers can log in to Plesk without a password using the following:

You can also log in with the Plesk username and password as usual.

The following Plesk users can log in to Plesk via Social Login:

  • Administrators
  • Resellers
  • Customers
  • Additional users (for example, application user, webmaster, and so on)

Logging in to Plesk Using Third-Party Accounts

You can log in to Plesk with a Google, GitHub, or Facebook account if the email address that you used to sign up for that account matches the one in your Plesk profile.

To log in to Plesk with a third-party account:

  1. Click the icon of the service you want to use to log in to Plesk (the email address that you used to sign up for the service must match the email address in your Plesk profile).

    image social login 1

  2. You will be asked to click a link to send the service sign-in data to Plesk. To avoid having to click the link in the future, select the “Trust … for 365 days and do not show this dialog” checkbox before clicking the link.

    image social login 2

If the email address of a third-party account (Google, GitHub, or Facebook), which you want to use to log in to Plesk, does not match the email address in your Plesk profile, you need first to link the third-party account to your Plesk account.

To link a third-party account to Plesk:

  1. Go to My Profile and scroll down to the “Link Plesk to a social network or add a passkey” section.

  2. Click the icon corresponding to the third-party account you want to use to log in to Plesk. Grey icons mark the services that are not yet linked to your Plesk account and cannot be used to log in to Plesk.

    image social login icons

  3. You will be asked to click a link to send the service sign-in data to Plesk. To avoid having to click the link in the future, select the “Trust … for 365 days and do not show this dialog” checkbox before clicking the link.

    image social login confirm data

The third-party account is now linked to your Plesk account. You can now log in to Plesk using that account.

image social login linked account

Note: Repeat steps 2-3 if you want to link more than one account.

Logging in to Plesk Using WebAuthn

WebAuthn (or Web Authentication) is a passwordless authentication protocol. It uses public-key cryptography to authenticate users to web-based applications and services. WebAuthn credentials are commonly referred to as “passkeys”.

Unlike password-based authentication, WebAuthn has the following benefits:

  • Stronger security:
    • Cryptographic WebAuthn credentials are stronger than passwords, which are often weak and reusable.
    • WebAuthn credentials are unique per website. This makes it impossible to exploit a single data breach to gain access to multiple services.
    • The private part of a credential is not stored on a server, which eliminates the risk of database leakage and password exposure.
  • Improved user experience. There is no need to remember complex passwords for numerous services.
  • Widespread support. WebAuthn is supported by all modern browsers as well as modern smartphones and computers.

WebAuthn support can be implemented in a variety of ways and can use different types of authenticators:

  • Software-based
  • Hardware-based (for example, USB keys)
  • PINs and passcodes
  • Biometric (such as fingerprint, face, or voice recognition), and so on.

For example, you can choose a software-based proprietary solution (like passkeys in Windows) or opt for a hardware-based open-source one (like SoloKeys). We list groups of popular WebAuthn implementations below:

  • Passkeys
  • OS- or vendor-specific storage (passkeys in Windows, iCloud Keychain)
  • Applications (1Password)
  • Mobile devices on iOS and Android
  • Hardware tokens (the Yubikey, Google Titan Security Key, Nitrokeys, Token2)
  • Open source solutions (SoloKeys, CanoKeys, Nitrokeys)

Plesk supports various WebAuthn implementations. We will show you how to log in to Plesk using passkeys in Windows as an example. If you choose a different WebAuthn implementation, refer to its respective documentation.

To log in to Plesk using passkeys, you need to add a passkey first.

To add a passkey:

  1. Go to My Profile and scroll down to the “Link Plesk to a social network or add a passkey” section.
  2. Click the image webauthn icon icon, and then click Add a passkey.
  3. The browser will ask you to create a passkey for your Plesk account. Confirm this action.
  4. Windows will ask you to confirm your identity. Confirm it, for example, by entering your PIN.
  5. Once you confirm your identity, the passkey will be added automatically.

You added the passkey, and the corresponding WebAuthn icon became active.

image active webauthn icon

You have added the passkey and can now log in to Plesk using that passkey.

To log in to Plesk using passkeys:

  1. Go to the Plesk login screen.
  2. Click the image webauthn icon icon.
  3. Select the passkey you want to use, and then confirm your identity (for example, by entering your PIN).

You have logged in to Plesk.

Hiding Social Login Icons

By default, all icons corresponding to password-free authentication (Google, GitHub, Facebook, and WebAuthn) are displayed on the Plesk login and “My Profile” screens. You can disable logging in to Plesk with one or more options and remove the corresponding icons from the screens. To do so, add the following lines to the panel.ini file:

[ext-social-login]
google.enabled = off
facebook.enabled = off
github.enabled = off
webauthn.enabled = off

For example, to make only the GitHub icon visible, add the following lines to panel.ini:

[ext-social-login]
google.enabled = off
facebook.enabled = off
webauthn.enabled = off

image social login github