duo-labs / webauthn.io

The source code for webauthn.io, a demonstration of WebAuthn.
https://webauthn.io
BSD 3-Clause "New" or "Revised" License

Cross-platform feature with yubikey 5 NFC seems to not work properly #75

Closed tector closed 1 year ago

tector commented 1 year ago

I tried the demo on webauthn.io and it works great for a single device. I tried that on Windows 11 (with Windows Hello and Yubikey) and Android 12 (with Google PW Manager).

Anyhow, when I register an Account with Windows 11 and Yubikey 5 NFC with the cross-platform setting enabled, it works for registering and authentication on the Windows 11 machine. But when I then want to use the Yubikey for authentication on my Android 12 Device it doesn't work: I am getting the Error

An unknown error occurred while talking to the credential manager

after I confirmed the authentication request with the Yubikey.

MasterKale commented 1 year ago

I don't think this is an issue with webauthn.io - that sounds like an error within Android. Can you try another test site to see if that site has the same issue?

tector commented 1 year ago

I tested it with another site and got the same result.

I am very new to the topic and I guess I just misunderstood something:

When I create an Identity with the security key on Windows 11 then it is handled by Windows Hello. So the Identity is stored in Windows Hello. I guess I can't use the same Identity then in Android's PW Manager - I need to create a new one there.

The issue is: then I have two different identities for the SAME website I want to access.

What is the solution for this issue? Do we have to wait for Browser support with syncing Identities between devices, so I can use the same identity on different devices?

But how can I understand the flag for multi-device-passkeys? Any proper way (any test website?) where I can test this?

MasterKale commented 1 year ago

> I guess I can't use the same Identity then in Android's PW Manager - I need to create a new one there.

Correct, WebAuthn credentials won't synchronize between Windows Hello and Android, you'd need to register both authenticators to be able to log in from either.

> The issue is: then I have two different identities for the SAME website I want to access.
>
> What is the solution for this issue? Do we have to wait for Browser support with syncing Identities between devices, so I can use the same identity on different devices?

This is still being explored. The ability for credentials to be synchronized across devices vis-a-vis passkeys (discoverable credentials with be:1 in authenticatorData) From first-party platform vendors we currently enjoy synchronization within "ecosystems"; that is, between devices running Operating Systems managed by Google, Microsoft, and Apple respectively.

Synchronization between these ecosystems is not currently possible, but is likely being worked on. Password managers are currently experimenting in this space, too. There's still a lot for everyone to learn and get users comfortable with, as passkeys are only "v1" and are actively being evolved.

> But how can I understand the flag for multi-device-passkeys? Any proper way (any test website?) where I can test this?

The L3 draft spec is a good place to look for deeper understanding of the concepts of backup eligibility and backup state. I'd also recommend https://passkeys.dev/ for practical passkeys advice (through a developer lens), and https://webauthn.io for playing around with authenticator registration and authentication flows.
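
An added example, not written by anyone in this thread and not taken from the webauthn.io code base: it decodes the backup eligibility (BE) and backup state (BS) flags discussed above from raw `authenticatorData`, using the bit positions defined in the WebAuthn Level 3 draft. The function names and the constructed sample bytes are assumptions made for illustration.

```javascript
// Layout per the WebAuthn spec:
//   rpIdHash (32 bytes) | flags (1 byte) | signCount (4 bytes, big-endian) | ...
const FLAG_BITS = { up: 0x01, uv: 0x04, be: 0x08, bs: 0x10, at: 0x40, ed: 0x80 };

// Hypothetical helper: takes authenticatorData as a Uint8Array
// (in a browser, wrap the ArrayBuffer from the response in new Uint8Array(...)).
function parseAuthenticatorData(bytes) {
  if (!(bytes instanceof Uint8Array) || bytes.length < 37) {
    throw new Error("authenticatorData must be a Uint8Array of at least 37 bytes");
  }
  const flagsByte = bytes[32];
  const flags = {};
  for (const [name, bit] of Object.entries(FLAG_BITS)) {
    flags[name] = (flagsByte & bit) !== 0;
  }
  // The spec requires BS to be clear whenever BE is clear; reject otherwise.
  if (flags.bs && !flags.be) {
    throw new Error("invalid flags: BS set while BE is clear");
  }
  const view = new DataView(bytes.buffer, bytes.byteOffset + 33, 4);
  return { flags, signCount: view.getUint32(0, false) };
}

// Map BE/BS onto the spec's credential terminology.
function describeCredential(flags) {
  if (!flags.be) return "single-device credential (not backup eligible)";
  return flags.bs
    ? "multi-device credential, currently backed up"
    : "multi-device credential, not currently backed up";
}

// Constructed sample input: zeroed rpIdHash, chosen flags byte and counter.
function sampleAuthData(flagsByte, signCount) {
  const buf = new Uint8Array(37);
  buf[32] = flagsByte;
  new DataView(buf.buffer).setUint32(33, signCount, false);
  return buf;
}

// 0x05 = UP|UV (e.g. a hardware security key), 0x1D = UP|UV|BE|BS (synced passkey)
for (const [label, b] of [["UP|UV", 0x05], ["UP|UV|BE", 0x0d], ["UP|UV|BE|BS", 0x1d]]) {
  const { flags } = parseAuthenticatorData(sampleAuthData(b, 1));
  console.log(label.padEnd(12), "->", describeCredential(flags));
}
```

A relying party would normally store BE at registration and re-check BS on each authentication, since BS can change over the life of the credential while BE must not.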