Lack of interest Support for Apple's Passkeys

This suggestion has been closed automatically because it did not receive enough votes over an extended period of time. If you wish to see this, please search for an open suggestion and, if you don't find any, post a new one.
This suggestion has been closed. Votes are no longer accepted.
The Dark Wizard said:
Hi,

I'm suggesting support for Apple's Passkeys.

developer.apple.com

Supporting passkeys | Apple Developer Documentation

Eliminate passwords for your users when they sign in to apps and websites.
developer.apple.com developer.apple.com
Click to expand...
Done. (Well it's an add-on anyway.)

Passkey is Apple's naming for security keys/WebAuthn/FIDO2. Existing iPhones/Macs already work with it, Apple is just extending it so the device itself isn't the only device that the private key lives on (they are basically doing what they already do, and then adding the ability to sync the private key across multiple devices via iCloud Keychain).

xenforo.com

[DigitalPoint] Security

Features Option for Days to trust two-step verification. Now you can set it to whatever is appropriate for your site, vs it being hardcoded to 30 days in XenForo. Option for Recommended strong two-step options. This allows you to encourage...
xenforo.com xenforo.com
 
digitalpoint said:
Done. (Well it's an add-on anyway.)

Passkey is Apple's naming for security keys/WebAuthn/FIDO2. Existing iPhones/Macs already work with it, Apple is just extending it so the device itself isn't the only device that the private key lives on (they are basically doing what they already do, and then adding the ability to sync the private key across multiple devices via iCloud Keychain).

xenforo.com

[DigitalPoint] Security

Features Option for Days to trust two-step verification. Now you can set it to whatever is appropriate for your site, vs it being hardcoded to 30 days in XenForo. Option for Recommended strong two-step options. This allows you to encourage...
xenforo.com xenforo.com
Click to expand...
Essentially like Authy/Bitwarden's paid plans support for 2FA?
 
digitalpoint said:
No clue what that is, so not sure. If it’s security keys/FIDO2/WebAuthn, then sure.
Click to expand...
Authy is what you can use for the push authentication on android at least, where you verify you're logging in via your phone.
Bitwarden's 10/yr plan has a way to embed 2FA into the password entries and auto copies the 2FA after pasting password.
 
If it’s a password manager, or a changing number generator, then no, that’s different. This uses public/private key cryptology at its core similar to how you keep cryptocurrency secure.
 
digitalpoint said:
Done. (Well it's an add-on anyway.)

Passkey is Apple's naming for security keys/WebAuthn/FIDO2. Existing iPhones/Macs already work with it, Apple is just extending it so the device itself isn't the only device that the private key lives on (they are basically doing what they already do, and then adding the ability to sync the private key across multiple devices via iCloud Keychain).

xenforo.com

[DigitalPoint] Security

Features Option for Days to trust two-step verification. Now you can set it to whatever is appropriate for your site, vs it being hardcoded to 30 days in XenForo. Option for Recommended strong two-step options. This allows you to encourage...
xenforo.com xenforo.com
Click to expand...

Definitely going to take a look at your addon but I think the suggestion is valid. I think something like this should be out of the box, so it reaches as many communities as possible and thus as many users as possible.
 
The Dark Wizard said:
Definitely going to take a look at your addon but I think the suggestion is valid. I think something like this should be out of the box, so it reaches as many communities as possible and thus as many users as possible.
Click to expand...
Yep, agreed. There's a suggestion for it already here: https://xenforo.com/community/threa...using-web-authentication-api-webauthn.145757/

Also, there would need to be some fundamental changes to XenForo to use it as true password-less authentication system. For example, if you were to use it as a primary authentication system with how XenForo works now, it really doesn't save time for the user. Like if you are going for one-click and registered, you have the issue of the user not having a username or email address, which gets tricky with XenForo and how users have to have a username. The other option is making users then pick a username and enter an email... at which point they aren't really saving any time, because you are back to what they are already doing to register.

I touched a little on it here: https://xenforo.com/community/threa...thentication-api-webauthn.145757/post-1570924

It is a fantastic option for two-step verification though (and that fits well within XenForo's existing scheme).

It's also probably why the companies that support it for end users (not just internal employees), I have yet to see one that uses it for true password-less login/registration. It's always used as a two-step verification. More on that here: https://xenforo.com/community/threa...thentication-api-webauthn.145757/post-1571276

It would be tough to rework XenForo in a way where usernames and emails are optional for users to support a true password-less registration flow.
 

Similar threads

Orit
  • Suggestion Suggestion
Add support for libvips
Replies
14
Views
207
Arantor
Arantor
K
  • Suggestion Suggestion
Add support for automated CFBL management
Replies
2
Views
234
MaximilianKohler
M
Mouth
  • Suggestion Suggestion
Add support for using Symfony Mail's native 3rd Party Transport functionality
Replies
0
Views
41
Mouth
Mouth
nevershutup
  • Question Question
XF 2.3 Detailed support for migrating off the Cloud?
Replies
5
Views
320
Mouth
Mouth
TimWilson
  • Suggestion Suggestion
Add inline support for m4a audio
Replies
2
Views
230
TimWilson
TimWilson
Back
Top Bottom