search

cedarcode / webauthn-rails-demo-app

Rails app demonstrating a WebAuthn password-less login
https://webauthn.cedarcode.com
Apache License 2.0
97 stars 39 forks source link

Implement Sign in with a passkey through form autofill #130

Open truongnmt opened 1 year ago

truongnmt commented 1 year ago

Why

the transition from password to passkey-based authentication can be challenging. As users switch to passkeys, there will still be those who use passwords and websites will need to accommodate both types of users. Users themselves should not be expected to remember on which sites they've switched to passkeys, so asking users to select which method to use up front would be poor UX.

Thus, the passkey dialog prompt still appears on devices in which the passkey is not available. In order to cancel passkey sign-in and proceed to the password input page, the user must press "cancel" on the prompt. Such behavior is extremely confusing to the users, and annoying those who are simply trying to sign in.

Instead of showing passkey dialog after entering email, the recommended way is using conditional UI to include passkeys in autofill suggestions.

Ref:

image
truongnmt commented 1 year ago

I did a sample implementation in #129