-
Notifications
You must be signed in to change notification settings - Fork 46
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[FEATURE]: allow not only passwords but also passkeys #615
Comments
As a Note: So no magic here, just plain old putting your stuff where the website expects the real stuff. |
Bitwarden does this very well and it’s open source as far as I know. Their iPhone app doesn’t support it yet it seems but the browser extensions work great, nice UI and UX. Works really smoothly with my Nextcloud instance for login but also GitHub and many others. Also syncs everything between devices with E2E using a master password derived key. I believe on the server side it’s just a simple json data structure for a passkey. The clients probably need to plug in to the browser/os API as a passkey provider. |
seems proton pass now also has support for this |
Should be a must have. We see a slow transition towards Passkeys as a alternative to the password-based Login processes. |
PS: The iOS app supports passkeys |
Does it? Or do you confuse TOTP codes (123-456) with Passkeys? |
It would be really great if support for passkeys could be added. |
Current Status
Only passwords can be created/saved/synced
Feature Description
Passkeys are getting more and more popular and there is now broad support by operating systems and to some extent other password managers. Eventually they might replace passwords entirely.
In my opinion their key feature for future success is the syncronization of passkeys between different devices, as the major drawback is the hassle to set up passkey sign in for each and every combination of webservice and device.
To some extent the 3 major players in the game (Apple, Microsoft and Google) support the syncronization, but as often, you are locked into their respective ecosystems. Adding to that, you have to trust those companies enough to hand them all your keys.
My suggestion now is to support the same workflow for passkeys as it is supported for passwords, including:
A real life scenario of mine would look like this:
This workflow is currently not supported by the default operating system implementations as their boundaries are crossed and one has to rely on 3rd party providers.
Additional Context
The described scenario may not be relevant for everyone, but will be in the future as support for passkeys is growing and login via password will get less frequent.
This exact workflow described can be tested now using 1password (maybe the beta version).
1Password can be tested for 14 days for free.
There are the issues #545 and #353 but they are either unclear or focus on hardware keys.
The text was updated successfully, but these errors were encountered: