Opened 18 months ago
Last modified 10 months ago
#18426 new enhancement
WebAuthn support in WebPositive — at Version 2
| Reported by: | kallisti5 | Owned by: | pulkomandy |
|---|---|---|---|
| Priority: | normal | Milestone: | Unscheduled |
| Component: | Kits/Web Kit | Version: | R1/beta4 |
| Keywords: | Cc: | nephele | |
| Blocked By: | Blocking: | ||
| Platform: | All |
Description (last modified by )
WebPositive badly needs FIDO2 / Webauthn support.
Passwordless logins (pure OTP auth) are taking off (removing the password concept from OTP), and we have zero support. As these Webauthn / passwordless services become more widely accepted, users will begin to be unable to login to their favorite web applications from Haiku
- Additional Information: https://en.wikipedia.org/wiki/WebAuthn
- Additional Information: https://fidoalliance.org/fido2/
- WebAuthN: https://developer.mozilla.org/en-US/docs/Web/API/Web_Authentication_API
- Hardware: https://www.yubico.com/products/yubikey-5-overview/
Devices like the Yubikey present as USB HID devices, so hardware already works today.
1050:0407 /dev/bus/usb/1/2 "Yubico.com" "Yubikey 4/5 OTP+U2F+CCID" ver. 0437
Usage is already pretty wide-spread across browsers: https://developer.mozilla.org/en-US/docs/Web/API/Web_Authentication_API#browser_compatibility
Change History (4)
comment:1 by , 18 months ago
comment:2 by , 18 months ago
| Description: | modified (diff) |
|---|---|
| Summary: | FIDO2 support in WebPositive → WebAuthn support in WebPositive |
Note:
See TracTickets
for help on using tickets.
As a side note, I'm pretty sure Haiku, Inc. would be willing to fund some FIDO2 devices to any developers interested in improving support.
One motivation for me was looking at passwordless.dev, we could really use an external user directory, and passwordless logins via FIDO2 devices is compelling.