Lack of interest Support for Apple's Passkeys

This suggestion has been closed automatically because it did not receive enough votes over an extended period of time. If you wish to see this, please search for an open suggestion and, if you don't find any, post a new one.
This suggestion has been closed. Votes are no longer accepted.
The Dark Wizard said:
Hi,

I'm suggesting support for Apple's Passkeys.

developer.apple.com

Supporting passkeys | Apple Developer Documentation

Eliminate passwords for your users when they sign in to apps and websites.
developer.apple.com developer.apple.com
Click to expand...
Done. (Well it's an add-on anyway.)

Passkey is Apple's naming for security keys/WebAuthn/FIDO2. Existing iPhones/Macs already work with it, Apple is just extending it so the device itself isn't the only device that the private key lives on (they are basically doing what they already do, and then adding the ability to sync the private key across multiple devices via iCloud Keychain).

xenforo.com

[DigitalPoint] Security & Passkeys

Features Support for Passkeys (also known as WebAuthn / FIDO2 security keys) as two-step authentication (hardware devices such as YubiKeys are what large tech companies such as Google require their employees to use to keep their accounts...
xenforo.com xenforo.com
 
digitalpoint said:
Done. (Well it's an add-on anyway.)

Passkey is Apple's naming for security keys/WebAuthn/FIDO2. Existing iPhones/Macs already work with it, Apple is just extending it so the device itself isn't the only device that the private key lives on (they are basically doing what they already do, and then adding the ability to sync the private key across multiple devices via iCloud Keychain).

xenforo.com

[DigitalPoint] Security & Passkeys

Features Support for Passkeys (also known as WebAuthn / FIDO2 security keys) as two-step authentication (hardware devices such as YubiKeys are what large tech companies such as Google require their employees to use to keep their accounts...
xenforo.com xenforo.com
Click to expand...
Essentially like Authy/Bitwarden's paid plans support for 2FA?
 
digitalpoint said:
No clue what that is, so not sure. If it’s security keys/FIDO2/WebAuthn, then sure.
Click to expand...
Authy is what you can use for the push authentication on android at least, where you verify you're logging in via your phone.
Bitwarden's 10/yr plan has a way to embed 2FA into the password entries and auto copies the 2FA after pasting password.
 
If it’s a password manager, or a changing number generator, then no, that’s different. This uses public/private key cryptology at its core similar to how you keep cryptocurrency secure.
 
digitalpoint said:
Done. (Well it's an add-on anyway.)

Passkey is Apple's naming for security keys/WebAuthn/FIDO2. Existing iPhones/Macs already work with it, Apple is just extending it so the device itself isn't the only device that the private key lives on (they are basically doing what they already do, and then adding the ability to sync the private key across multiple devices via iCloud Keychain).

xenforo.com

[DigitalPoint] Security & Passkeys

Features Support for Passkeys (also known as WebAuthn / FIDO2 security keys) as two-step authentication (hardware devices such as YubiKeys are what large tech companies such as Google require their employees to use to keep their accounts...
xenforo.com xenforo.com
Click to expand...

Definitely going to take a look at your addon but I think the suggestion is valid. I think something like this should be out of the box, so it reaches as many communities as possible and thus as many users as possible.
 
The Dark Wizard said:
Definitely going to take a look at your addon but I think the suggestion is valid. I think something like this should be out of the box, so it reaches as many communities as possible and thus as many users as possible.
Click to expand...
Yep, agreed. There's a suggestion for it already here: https://xenforo.com/community/threa...using-web-authentication-api-webauthn.145757/

Also, there would need to be some fundamental changes to XenForo to use it as true password-less authentication system. For example, if you were to use it as a primary authentication system with how XenForo works now, it really doesn't save time for the user. Like if you are going for one-click and registered, you have the issue of the user not having a username or email address, which gets tricky with XenForo and how users have to have a username. The other option is making users then pick a username and enter an email... at which point they aren't really saving any time, because you are back to what they are already doing to register.

I touched a little on it here: https://xenforo.com/community/threa...thentication-api-webauthn.145757/post-1570924

It is a fantastic option for two-step verification though (and that fits well within XenForo's existing scheme).

It's also probably why the companies that support it for end users (not just internal employees), I have yet to see one that uses it for true password-less login/registration. It's always used as a two-step verification. More on that here: https://xenforo.com/community/threa...thentication-api-webauthn.145757/post-1571276

It would be tough to rework XenForo in a way where usernames and emails are optional for users to support a true password-less registration flow.
 

Similar threads

K
  • Suggestion Suggestion
Add support for automated CFBL management
Replies
1
Views
210
markku
markku
nevershutup
  • Question Question
XF 2.3 Detailed support for migrating off the Cloud?
Replies
5
Views
311
Mouth
Mouth
TimWilson
  • Suggestion Suggestion
Add inline support for m4a audio
Replies
2
Views
229
TimWilson
TimWilson
K
  • Suggestion Suggestion
Add support for Signed Add-ons
Replies
2
Views
314
Kirby
K
K
  • Suggestion Suggestion
Lack of interest Add support for async image decoding
Replies
0
Views
362
Kirby
K
Top Bottom