[Webkit-unassigned] [Bug 213610] New: [WebAuthn] Support device passcode as well as biometrics
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Jun 25 10:33:36 PDT 2020
https://bugs.webkit.org/show_bug.cgi?id=213610
Bug ID: 213610
Summary: [WebAuthn] Support device passcode as well as
biometrics
Product: WebKit
Version: Safari Technology Preview
Hardware: Unspecified
OS: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: WebKit Misc.
Assignee: webkit-unassigned at lists.webkit.org
Reporter: cbrand at google.com
>From the demo, it looks like WebAuthn "platform" support is restricted to biometrics. This is challenging from an accessibility standpoint as well as just in-general for user experience. Is it possible to add the ability to unlock keys using "anything the device can be unlocked with" here? This seems to be in-line with how WebAuthn platform authenticators are implemented elsewhere (Windows Hello, Android, etc). There doesn't seem to be a security benefit to doing it the way it's currently being done, unless all platform keys are blown away on biometric profile change, which I think will be unfortunate.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20200625/cd404fc2/attachment.htm>
More information about the webkit-unassigned
mailing list